Booby-trapped DirectX files now being used by hackers

Whilst most PC users probably won't be aware of using DirectX-enabled applications or files, they will be familiar with Apple QuickTime files, which is what the hackers are reportedly using as a vehicle for exploiting the security flaw.

The coding flaw that opens systems to hackers stems from the way in which Microsoft's DirectShow application handles the QuickTime files.

Vista users may be exempt from the security problem, Infosecurity notes, as Microsoft stripped out the DirectShow code from the kernel of the operating system. This - in theory at least (but see below) - means that Windows Server 2008 and Windows 7 users should also bypass the issue.

Users of Windows XP, Windows Server 2003 and Windows 2000 are not so lucky, however, as Microsoft says that hackers typically try and exploit the vulnerability by crafting a specially formed malicious video file and then posting it on a website or sending it as an email.

"While this isn't a browser vulnerability, because the vulnerability is in DirectShow, a browser based vector is potentially accessible through any browser using media plug-ins that use DirectShow", says Microsoft.

In plain English, this suggests that users of Windows Vista and Windows Server 2008 may be susceptible to the security flaw where they have downloaded third-party applications that support Microsoft's DirectX facilities.

There are many different solutions to the security problem, but Microsoft has issued a patch that should solve matters.

The good news is that Microsoft's R&D staff are reported to be investigating the security problem and should issue a full patch as part of the Patch Tuesday process in due course.
