|« View all Symantec Security Threatcon Articles
Symantec Security Threatcon Status for 2009-06-06
The ThreatCon is at level 1. Microsoft has released an out-of-cycle security bulletin and workarounds that address a serious flaw affecting Microsoft DirectX. DirectShow is prone to a vulnerability that can lead to code execution when a specially crafted QuickTime media file is viewed. This vulnerability is being exploited in the wild in limited attacks. Since notification of the vulnerability on March 28, 2009, no widespread attacks have been seen.
For more information, see the following:
New vulnerability in quartz.dll Quicktime parsing
Microsoft Security Advisory (971778)
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution