A vulnerability in the DirectX component DirectShow could allow remote
code execution when users open a malicious Quicktime file.
Exploits for this vulnerability have been reported in the wild and
confirmed by Microsoft.
"Microsoft has implemented a workaround for the vulnerability that can
be automatically applied to affected Windows systems to "disable the
parsing of QuickTime content in quartz.dll." (first URL)
It is advised that the fix be used until an official patch has been