, 2009-07-06
A 0-Day vulnerability that's being used to exploit Microsoft DirectShow has been discovered in the wild.
Drive-by attacks using thousands of compromised websites are reportedly involved.
SANS Internet Storm Center has details (including a killbit) in their Handler's Diary. There is not yet a Microsoft Advisory.
We detect the exploit as Exploit:W32/Agent.LBV.
The exploit targets Microsoft Internet Explorer… so one work around is kind of obvious.
Use some other browser besides Internet Explorer until this vulnerability is patched.
On 06/07/09 At 02:36 PM
