Microsoft warns of critical security vulnerability in ActiveX

Supernature

And now?
Team member
Microsoft is warning of a recently discovered vulnerability in the DirectShow filter. If a user views a video on a suitably manipulated web page, an attacker can remotely perform actions with the same rights as the currently logged-on user.
This is particularly critical because under Windows XP the majority of users surf the Internet with admin rights.
According to Symantec, thousands of web servers in Asia are already infected with the exploit.

Windows XP and Windows Server 2003 are affected by the vulnerability.
Although the exploit cannot be used under Vista and Windows Server 2008, Microsoft nevertheless recommends applying the quick fix published on this page:
Microsoft Security Advisory: Vulnerability in Microsoft Video ActiveX control could allow remote code execution
 
I knew this looked somehow familiar to me :D

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


********************************************************************
Title: Microsoft Security Advisory Notification
Issued: July 6, 2009
********************************************************************

Security Advisories Updated or Released Today
==============================================

* Microsoft Security Advisory (972890)
- Title: Vulnerability in Microsoft Video ActiveX
Control Could Allow Remote Code Execution
- http://www.microsoft.com/technet/security/advisory/972890.mspx
- Revision Note: Advisory published.


Other Information
=================

Recognize and avoid fraudulent e-mail to Microsoft customers:
=============================================================
If you receive an e-mail message that claims to be distributing
a Microsoft security update, it is a hoax that may contain
malware or pointers to malicious Web sites. Microsoft does
not distribute security updates via e-mail.

The Microsoft Security Response Center (MSRC) uses PGP to digitally
sign all security notifications. However, it is not required to read
security notifications, security bulletins, security advisories, or
install security updates. You can obtain the MSRC public PGP key at
https://www.microsoft.com/technet/security/bulletin/pgp.mspx.

To receive automatic notifications whenever Microsoft Security
Bulletins and Microsoft Security Advisories are issued or revised,
subscribe to Microsoft Technical Security Notifications on
http://www.microsoft.com/technet/security/bulletin/notify.mspx.


********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.9.0 (Build 397)
Charset: utf-8
-----END PGP SIGNATURE-----


To cancel your subscription to this newsletter, reply to this message with the word UNSUBSCRIBE in the Subject line. You can also unsubscribe at the Microsoft.com web site <http://www.microsoft.com/misc/unsubscribe.htm>. You can manage all your Microsoft.com communication preferences at this site.

Legal Information <http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by the Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052
Unfortunately the machine translation is junk; I didn't understand a thing. (n)
English original: http://support.microsoft.com/kb/972890/en-us/

The page linked in the advisory lists various keys:
http://www.microsoft.com/technet/security/advisory/972890.mspx

So "Enable workaround" merely creates various registry entries:

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{011B3619-FE63-4814-8A84-15A194CE9CE3}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{0149EEDF-D08F-4142-8D73-D23903D21E90}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E5-45B6-11D3-B650-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{0369B4E6-45B6-11D3-B650-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{055CB2D7-2969-45CD-914B-76890722F112}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{15D6504A-5494-499C-886C-973C9E53B9F1}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{1BE49F30-0E1B-11D3-9D8E-00C04F72D980}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{1C15D484-911D-11D2-B632-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{1DF7D126-4050-47F0-A7CF-4C4CA9241333}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{2C63E4EB-4CEA-41B8-919C-E947EA19A77C}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{334125C0-77E5-11D3-B653-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{37B0353C-A4C8-11D2-B634-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{37B03543-A4C8-11D2-B634-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{37B03544-A4C8-11D2-B634-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{418008F3-CF67-4668-9628-10DC52BE1D08}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{4A5869CF-929D-4040-AE03-FCAFC5B9CD42}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{577FAA18-4518-445E-8F70-1473F8CF4BA4}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{59DC47A8-116C-11D3-9D8E-00C04F72D980}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{7F9CB14D-48E4-43B6-9346-1AEBC39C64D3}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{823535A0-0318-11D3-9D8E-00C04F72D980}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{8872FF1B-98FA-4D7A-8D93-C9F1055F85BB}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4C-1F63-11D3-B64C-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{8A674B4D-1F63-11D3-B64C-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{9CD64701-BDF3-4D14-8E03-F12983D86664}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{A2E3074E-6C3D-11D3-B653-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{A2E30750-6C3D-11D3-B653-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{AD8E510D-217F-409B-8076-29C5E73B98E8}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{B0EDF163-910A-11D2-B632-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{B64016F3-C9A2-4066-96F0-BD9563314726}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{BB530C63-D9DF-4B49-9439-63453962E598}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{C531D9FD-9685-4028-8B68-6E1232079F1E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCC-9B79-11D3-B654-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCD-9B79-11D3-B654-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCE-9B79-11D3-B654-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{C5702CCF-9B79-11D3-B654-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{C5702CD0-9B79-11D3-B654-00C04F79498E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{CAAFDD83-CEFC-4E3D-BA03-175F17A24F91}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{D02AAC50-027E-11D3-9D8E-00C04F72D980}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{FA7C375B-66A7-4280-879D-FD459C84BB02}]
"Compatibility Flags"=dword:00000400
Nothing is listed under "Disable workaround"; I assume the entries above are deleted.
No files are installed.

I just noticed that on my system all of this (and a few more) is already entered in this branch:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility
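
Added example (not part of the original posts and not Microsoft's Fix it): a small Python auditor that parses the text of an exported `.reg` file and reports, for each CLSID from the workaround, whether the `0x400` flag is actually set under the `ActiveX Compatibility` branch. The sample export is constructed and the function names are this example's own.

```python
import re

KILL_BIT = 0x00000400  # value the workaround assigns to "Compatibility Flags"
BASE = r"hkey_local_machine\software\microsoft\internet explorer\activex compatibility"

# Constructed sample export: the first key matches the workaround, the second
# has the flag cleared, the third combines 0x400 with another (constructed) bit.
SAMPLE_EXPORT = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{011B3619-FE63-4814-8A84-15A194CE9CE3}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{0149EEDF-D08F-4142-8D73-D23903D21E90}]
"Compatibility Flags"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{0369b4e5-45b6-11d3-b650-00c04f79498e}]
"Compatibility Flags"=dword:00800400
'''

KEY_RE = re.compile(r"^\[(?P<path>[^\]]+)\\(?P<clsid>\{[0-9A-Fa-f-]{36}\})\]$")
VAL_RE = re.compile(r'^"Compatibility Flags"=dword:(?P<hex>[0-9A-Fa-f]{1,8})$', re.I)


def parse_flags(reg_text):
    """Return {CLSID in upper case: flags} for keys under ActiveX Compatibility."""
    flags, current = {}, None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            m = KEY_RE.match(line)
            # Registry key names are case-insensitive ("microsoft" vs "Microsoft").
            in_branch = bool(m) and m.group("path").lower() == BASE
            current = m.group("clsid").upper() if in_branch else None
            if current:
                flags.setdefault(current, 0)  # key exists, value may be absent
        elif current:
            v = VAL_RE.match(line)
            if v:
                flags[current] = int(v.group("hex"), 16)
    return flags


def audit(reg_text, expected_clsids):
    """Map each expected CLSID to 'blocked', 'flag-not-set' or 'missing'."""
    flags = parse_flags(reg_text)
    result = {}
    for clsid in expected_clsids:
        c = clsid.upper()
        if c not in flags:
            result[c] = "missing"
        elif flags[c] & KILL_BIT:  # bit test: other flag bits may be set as well
            result[c] = "blocked"
        else:
            result[c] = "flag-not-set"
    return result


if __name__ == "__main__":
    wanted = ["{011B3619-FE63-4814-8A84-15A194CE9CE3}",
              "{0149EEDF-D08F-4142-8D73-D23903D21E90}",
              "{055CB2D7-2969-45CD-914B-76890722F112}"]
    for clsid, state in audit(SAMPLE_EXPORT, wanted).items():
        print(clsid, state)
```

Feed `audit()` the full CLSID list from the workaround and the decoded text of an export of the branch; anything reported as `missing` or `flag-not-set` is a control Internet Explorer would still instantiate.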
 
Next vulnerability:
Vulnerability in Microsoft Office Web Components control could allow remote code execution
http://www.microsoft.com/technet/security/advisory/973472.mspx

Affected software:
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft Office XP Web Components Service Pack 3
Microsoft Office 2003 Web Components Service Pack 3
Microsoft Office 2003 Web Components for the 2007 Microsoft Office system Service Pack 1
Microsoft Internet Security and Acceleration Server 2004 Standard Edition Service Pack 3
Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition Service Pack 3
Microsoft Internet Security and Acceleration Server 2006
Internet Security and Acceleration Server 2006 Supportability Update
Microsoft Internet Security and Acceleration Server 2006 Service Pack 1
Microsoft Office Small Business Accounting 2006
English original with download (Fixit)
http://support.microsoft.com/kb/973472

Registry
Code:
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{0002E541-0000-0000-C000-000000000046}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Internet Explorer\ActiveX Compatibility\{0002E559-0000-0000-C000-000000000046}]
"Compatibility Flags"=dword:00000400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


********************************************************************
Title: Microsoft Security Advisory Notification
Issued: July 13, 2009
********************************************************************

Security Advisories Updated or Released Today
==============================================

* Microsoft Security Advisory (973472)
- Title: Vulnerability in Microsoft Office Web
Components Control Could Allow Remote Code Execution
- http://www.microsoft.com/technet/security/advisory/973472.mspx
- Revision Note: Advisory published.



-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.9.0 (Build 397)
Charset: utf-8

-----END PGP SIGNATURE-----


 
One more fix:

Vulnerability in Microsoft DirectShow could allow remote code execution.
Info & Download: http://support.microsoft.com/kb/971778

This time something is deleted on "enable" and added on "disable".

Deleted (enable, 32-bit):
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D51BD5A0-7548-11CF-A520-0080C77EF58A}]

Added (disable):
Code:
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D51BD5A0-7548-11CF-A520-0080C77EF58A}]
@="QuickTime Movie Parser"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D51BD5A0-7548-11CF-A520-0080C77EF58A}\InprocServer32]
@="C:\\WINDOWS\\system32\\quartz.dll"
"ThreadingModel"="Both"
(the paths are default values and must be adjusted accordingly;
on x64, Wow6432Node is added as well - so the MS fix should be used!)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


********************************************************************
Title: Microsoft Security Advisory Notification
Issued: July 14, 2009
********************************************************************

Security Advisories Updated or Released Today
==============================================

* Microsoft Security Advisory (972890)
- Title: Vulnerability in Microsoft Video ActiveX
Control Could Allow Remote Code Execution
- http://www.microsoft.com/technet/security/advisory/972890.mspx
- Revision Note: V2.0 (July 14, 2009): Advisory updated to
reflect publication of security bulletin.
* Microsoft Security Advisory (971778)
- Title: Vulnerability in Microsoft DirectShow Could
Allow Remote Code Execution
- http://www.microsoft.com/technet/security/advisory/971778.mspx
- Revision Note: V2.0 (July 14, 2009): Advisory updated to
reflect publication of security bulletin.



-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.9.0 (Build 397)
Charset: utf-8
-----END PGP SIGNATURE-----


 