DIRECTSHOW, a framework for playing various media types, is being exploited in the wild in older versions of Windows, Microsoft has warned.
In a statement, the Vole said that the attacks use malicious Quicktime media files and can cause remote code execution in the context of the logged-in user.
There is no patch for the vulnerability yet, but Microsoft has created a workaround registry script that you can download and run, at the Knowledge Base Article 971778.
The flaw apparently is in Directshow versions 7, 8 and 9 in Windows 2000, Windows XP and Windows Server 2003. Windows Vista, Windows Server 2008 and Windows 7 don't seem to have the problem. µ
Next-gen devices enabled by integrating novel materials on silicon
Plus there's a new way to read comics in town
Find out which six games have most impressed us so far this year
Video shows off upcoming handset in Rose Gold compared to iPhone 6S predecessor