(Apparently not needed on XP SP2)
TITLE: Microsoft Windows DirectShow AVI Handling Vulnerability SECUNIA ADVISORY ID: SA17160 VERIFY ADVISORY: http://secunia.com/advisories/17160/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Microsoft DirectX 8.x http://secunia.com/product/1914/ Microsoft DirectX 7.x http://secunia.com/product/1913/ Microsoft DirectX 9.x http://secunia.com/product/1915/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows DirectShow, which can be exploited by malicious people to compromise a users system. The vulnerability is caused due to an unchecked buffer in DirectShow. This can be exploited to execute arbitrary code. Successful exploitation requires that the user open a maliciously crafted AVI file. SOLUTION: Apply patches. Microsoft DirectX 7.0 on Microsoft Windows 2000 (requires Service Pack 4): http://www.microsoft.com/downloads/details.aspx?FamilyId=2feffe6c-6c1c-42d9-b15e-f8f8d9c0e60e Microsoft DirectX 8.1 on Microsoft Windows XP (requires Service Pack 1 or 2): http://www.microsoft.com/downloads/details.aspx?FamilyId=2636cfce-49ea-4d06-80ba-21a84f3658a5 Microsoft DirectX 8.1 on Microsoft Windows XP Professional x64 Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=ef614cdc-1db5-4b5c-8440-714941799a9f Microsoft DirectX 8.1 on Microsoft Windows Server 2003 (with and without Service Pack 1): http://www.microsoft.com/downloads/details.aspx?FamilyId=66f44766-3741-4c83-aa5f-1b3498131dd9 Microsoft DirectX 8.1 on Microsoft Windows Server 2003 (Itanium) (with and without Service Pack 1): http://www.microsoft.com/downloads/details.aspx?FamilyId=7f8342a0-2462-46d3-9e40-262f72db68a6 Microsoft DirectX 8.1 on Microsoft Windows Server 2003 x64 Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=76c3815c-a966-49eb-825f-1b8454c09bbf Microsoft DirectX 8.0, 8.0a, 8.1, 8.1a, 8.1b, and 8.2 on Windows 2000 (requires Service Pack 4): http://www.microsoft.com/downloads/details.aspx?FamilyId=FEDC7212-27B8-4993-9965-53E9298DB386 Microsoft DirectX 9.0, 9.0a, 9.0b, and 9.0c on Windows 2000 (requires Service Pack 4): http://www.microsoft.com/downloads/details.aspx?FamilyId=1853AD1F-92C8-4C2B-8F52-9B2FC8DBF769 Microsoft DirectX 9.0, 9.0a, 9.0b, and 9.0c on Windows XP (requires Service Pack 1): http://www.microsoft.com/downloads/details.aspx?FamilyId=36FBED29-E264-4BC7-AB48-2CC4A59ACAA1 Microsoft DirectX 9.0, 9.0a, 9.0b, and 9.0c on Windows Server 2003: http://www.microsoft.com/downloads/details.aspx?FamilyId=6083BA2D-4F1A-4900-8F7D-A32CB41CB5FA ORIGINAL ADVISORY: MS05-050 (KB904706): http://www.microsoft.com/technet/security/Bulletin/MS05-050.mspx ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/rules.htm Contact list owner <[EMAIL PROTECTED]> Unsubscribing and other changes: http://pcworkers.com =====================================================
