Home
Latest images
Search
Register
Log in0-day in Microsoft DirectShow
Page 1 of 1
0-day in Microsoft DirectShow
andry Tue Oct 26, 2010 5:00 am
0-day in Microsoft DirectShow (msvidctl.dll) used in drive-by attacks
A 0-day exploit within the msVidCtl component of Microsoft DirectShow is actively being exploited through drive-by attacks using thousands of newly compromised web sites, according to CSIS. The code has been published in the public domain via a number of Chinese web sites.
Please keep a watchful eye on your AV and IDS/IPS vendors updates to ensure coverage as early as possible on this exploit as it is likely to be widely deployed with the code being available.
A valid work around for the attack vector is available which set's the kill bit on the vulnerable DLL.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]
"Compatibility Flags"=dword:00000400
Details of the exploit are available on the CSIS web site, but are included below:
A 0-day exploit within the msVidCtl component of Microsoft DirectShow is actively being exploited through drive-by attacks using thousands of newly compromised web sites, according to CSIS. The code has been published in the public domain via a number of Chinese web sites.
Please keep a watchful eye on your AV and IDS/IPS vendors updates to ensure coverage as early as possible on this exploit as it is likely to be widely deployed with the code being available.
A valid work around for the attack vector is available which set's the kill bit on the vulnerable DLL.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]
"Compatibility Flags"=dword:00000400
Details of the exploit are available on the CSIS web site, but are included below:
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics» Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption - Metasploit exploit module
» Microsoft IIS 0Day Vulnerability
» Get Any Microsoft Products for FREE
» Microsoft Download Manager
» Zero day vulnerability in Microsoft Office Web Components discovered
» Microsoft IIS 0Day Vulnerability
» Get Any Microsoft Products for FREE
» Microsoft Download Manager
» Zero day vulnerability in Microsoft Office Web Components discovered
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum|
|
|