Direct X Security Vulnerability PatchOn Thursday, Microsoft discovered a critical security hole in the DirectX library for QuickTime video playback, and it seems that the vulnerability is being actively exploited by the hacker community. As such, the multinational software corporation has published a security advisory that contains detailed information concerning the bug. The attacker then gains the abilities to access, edit, or delete files; install programs and malware; and make new accounts with full user rights. Keep Direct X up to date to avoid vulnerabilityThe susceptible DirectShow filter bug is reportedly not present in Windows Server 2008 and Vista, which only leaves older platforms like Windows XP vulnerable to the security hole. However, on prone and defenseless systems, a hacker can purportedly exploit the vulnerability even if the victim uses a browser other than Internet Explorer because multimedia extensions of other browsers also utilize the operating system's (OS) DirectX functionality. Doing so prevents QuickTime from being syntactically analyzed in the exposed Quartz.dll library. Alternately, Microsoft has created a webpage users can utilize to immunize systems. Nevertheless, at the time of this writing, the Fix It Page is undergoing maintenance and is not available. Before that happens, details on the workaround for the vulnerability are available in the security advisory as well as the special Fix It Page. |