Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution

"Microsoft is investigating new public reports of a new vulnerability in
Microsoft DirectX. The vulnerability could allow remote code execution
if user opened a specially crafted QuickTime media file. Microsoft is
aware of limited, active attacks that use this exploit code. While our
investigation is ongoing, our investigation so far has shown that
Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are
vulnerable; all versions of Windows Vista and Windows Server 2008 are
not vulnerable. Microsoft has activated its Software Security Incident
Response Process (SSIRP) and is continuing to investigate this issue."

An attacker would have to coerce a victim into visiting a malicious web

Microsoft offers the following suggestions to avoid the issue until they
release an official patch.

1) Disable the parsing of QuickTime content in quartz.dll
2) Modify the Access Control List (ACL) on quartz.dll
3) Unregister quartz.dll
4) For non-multimedia folder types, the Windows shell attack vector can
be mitigated by using Windows Classic Folders