Ossim: 0-day in Microsoft DirectShow

July 7, 2009  |  Jaime Blasco

A 0-day exploit in Microsoft Video ActiveX Control is being exploited by malicious sites. Many people is covering this vulnerability and seems that will be widely deployed.

Alienvault’s feed customers are protected and covered with these directives:

  • 45046:AV Possible MSVidCtl Client side attack detected against SRC_IP (KB-972890)
  • 45047:AV Possible Malicious Server exploiting MSVidCt against DST_IP (KB-972890)
  • 45048:AV Possible MSVidCt Client Side Attack against DST_IP from a compromised host (KB-972890)
  • 45049:AV Possible MSVidCtl Client side attack detected against SRC_IP (KB-972890) 2
  • http://isc.sans.org/diary.html?storyid=6733

    http://www.microsoft.com/technet/security/advisory/972890.mspx

    Share this with others

    Get price Free trial