Microsoft DirectX under hacking attack
Hackers are using booby-trapped QuickTime files to take control of unwitting user’s computers, through an unpatched vulnerability.
Microsoft has warned of hackers using maliciously manipulated QuickTime format files to exploit a flaw in DirectX.
The problem is in the way that Microsoft DirectShow handles the QuickTime files, with reports of criminals already using the flaw to carry out attacks.
Older versions of Windows such as Windows XP, Windows 2000 and Windows Server 2003 are all under risk of attack.
However, Microsoft said that the vulnerable code had been taken while building Windows Vista, so Vista and any versions that came out afterward - which would include Windows Server 2008 and Windows 7 - are not vulnerable to the flaw.
The Microsoft Security Response Centre said: "An attacker would try and exploit the vulnerability by crafting a specially formed video file and then posting it on a website or sending it as an email."
"While this isn't a browser vulnerability, because the vulnerability is in DirectShow, a browser based vector is potentially accessible through any browser using media plug-ins that use DirectShow," it added.
"Also, we've verified that it is possible to direct calls to DirectShow specifically, even if Apple's Quicktime (which is not vulnerable) is installed," the security researchers explained.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Microsoft has three workarounds for the problem, but the simplest way that disables Quicktime parsing is to click a Fix It' button here, which will make changes to the registry.
Microsoft is still investigating the issue, which will be fixed in a security update through its monthly patch process, or by an out-of-cycle security update.
Microsoft recently had an update problem with SharePoint as well a flaw in its Internet Information Services (IIS).