• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Technical Support: 703-288-7230
  • Call: +1-866-531-1990
  • Contact Us
  • Blog
Nortec Communications

Nortec Communications

IT Services & Solutions

Menu
  • Cloud
    • Explore the Cloud
    • Why Nortec?
    • IT Cloud Consulting
    • Microsoft Partner
  • Cloud
      • Explore the Cloud

        Nortec is the best at cloud.

          • Managed Cloud Services
            • Managed Cloud Portal
            • Managed Modern Workplace
            • Managed Microsoft Teams
            • Data Center
            • Managed Backup and Data Recovery
          • Remote Workforce Solutions
            • Communications & Collaboration
            • Cloud Administration
            • Desktop Management
            • Remote Worker Cybersecurity
          • Cloud Cybersecurity
            • Mobile Device Management
            • Identity Management
            • Threat Protection
            • Cybersecurity Training
          • Cloud Infrastructure
            • Azure Services
            • Data Center
            • Hybrid Cloud Computing
          • Solutions
            • On-premise Mitel
            • Microsoft 365
            • Teams
            • Azure
            • Microsoft Licensing
          • Resources
            • Ebooks
            • Cloud pricing calculator
            • Checklists
            • Case Studies
            • Consultation
            • Blog
      • Why Nortec?
      • IT Cloud Consulting
      • Microsoft Partner
  • Services
    • Managed IT Services
    • Cybersecurity
      • Identity Management
      • Cybersecurity Awareness Training
      • MDM Solutions
      • Endpoint Security
      • Cybersecurity Consultant
    • Communications Systems
      • Cloud Phones
      • Microsoft Teams
      • Managed Microsoft Teams
      • On-premise Mitel
      • Mitel Support
    • Microsoft Partner
      • Microsoft Teams
      • Azure Services
      • MDM Software
      • Microsoft 365
      • Microsoft Windows 10
      • Microsoft Licensing
    • Network Architecture
  • Resources
    • Blog
    • Checklists
    • Videos
    • Infographics
    • Ebooks
    • Case Studies
    • News
  • About Nortec
    • Our Methodology
    • Core Values
    • Leadership
    • Vendor Awards & Competencies
    • Careers
  • Support
  • Contact
  • Book A Consultation

Microsoft Windows New Threat

Time to update your Windows XP, Windows 2003 Server and older Windows versions – Here is the Security bullitin from Microsoft:

Microsoft Security Advisory (971778)
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
Published: May 28, 2009


Version: 1.0

Microsoft is investigating new public reports of a new vulnerability in Microsoft DirectX. The vulnerability could allow remote code execution if user opened a specially crafted QuickTime media file. Microsoft is aware of limited, active attacks that use this exploit code. While our investigation is ongoing, our investigation so far has shown that Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are vulnerable; all versions of Windows Vista and Windows Server 2008 are not vulnerable. Microsoft has activated its Software Security Incident Response Process (SSIRP) and is continuing to investigate this issue.
Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) and our Microsoft Security Response Alliance (MSRA) program to provide information that they can use to provide broader protections to customers.
Mitigating Factors:

In a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to convince them to visit the Web site, typically by getting them to click a link that takes them to the attacker’s Web site. After they click the link, they would be prompted to perform several actions. An attack could only occur after they performed these actions.

An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

All versions of Windows Vista and Windows Server 2008 are not affected by this issue.

Link to fix issue:
http://support.microsoft.com/kb/971778

Primary Sidebar

Recent Posts

  • Which Azure Support Plan Is Right for Your Business
  • 7 Reasons Your Business Needs Data Recovery and Backup
  • Top 8 Questions About Azure Pricing
  • Without Backups You’re Gambling with Your Business’ Future
  • Everything You Need to Know About Azure Pricing

Footer

nortec logo white

Serving the Atlantic Region from FL to PA

Washington, D.C.

7531 Leesburg Pike, Suite 300, Falls Church, VA 22043

Pittsburgh

102 Broadway Street, Suite #410, Carnegie, PA 15106

Need Support?

703-288-7230 helpdesk@nortec.com

Copyright © 2021 Nortec Communications, Inc. All Rights Reserved.