Ossim: 0-day in Microsoft DirectShow

July 7, 2009 | Jaime Blasco

A 0-day exploit in Microsoft Video ActiveX Control is being exploited by malicious sites. Many people is covering this vulnerability and seems that will be widely deployed.

Alienvault’s feed customers are protected and covered with these directives:

  • 45046:AV Possible MSVidCtl Client side attack detected against SRC_IP (KB-972890)
  • 45047:AV Possible Malicious Server exploiting MSVidCt against DST_IP (KB-972890)
  • 45048:AV Possible MSVidCt Client Side Attack against DST_IP from a compromised host (KB-972890)
  • 45049:AV Possible MSVidCtl Client side attack detected against SRC_IP (KB-972890) 2
  • http://isc.sans.org/diary.html?storyid=6733


    Jaime Blasco

    About the Author: Jaime Blasco

    Jaime Blasco is a renowned Security Researcher with broad experience in network security, malware analysis and incident response. At AT&T Cybersecurity, Jaime leads the Alien Labs Intelligence and Research team that leads the charge of researching and integrating threat intelligence into detection mechanisms. Prior to working at AT&T, Jaime was Chief Scientist at AlienVault. Prior to that, he founded a couple of startups (Eazel, Aitsec) working on web application security, source code analysis and incident response. He is based in San Francisco. Jaime's work in emerging threats and targeted attacks is frequently cited in international publications such as New York Times, BBC, Washington Post and Al Jazeera.

    Read more posts from Jaime Blasco ›


    Get price Free trial