'Critical' flaw found in Windows

shawshank62 · July 24th, 2003, 12:43 PM

The flaw involves DirectX, an extensive collection of programming add-ons for Windows used by computer games.

If exploited, the flaw could allow a malicious hacker to run their own specially crafted computer code to plant a virus or even take over a machine.

Microsoft has given the flaw its highest severity rating.

Music mayhem

The flaw affects a large number of the versions of Microsoft Windows in use.

Embarrassingly for Microsoft one of the products affected is Windows Server 2003.

This was supposed to be much more secure as it was one of the first products to go through Microsoft's improved systems for weeding out bugs and security problems.

On Windows Server 2003 the bug is only rated as "important" by Microsoft because the default settings would not allow such a program to be run.

The vulnerability comes about because of the way that a part of DirectX, called DirectShow, handles MIDI or music files.

MIDI, or Musical Instrument Digital Interface, defines a standardised way of swapping music information between computers, music keyboards and synthesisers.

The flaw, found by eEye Security, would allow a specially crafted MIDI instruction to swamp the cache, or buffer, in DirectX and allow a hidden program within it to run on the target machine.

Such buffer overflow bugs are quite a common way for malicious programs to infect a machine.

Microsoft has issued an alert about the flaw and a patch to close the loophole. It said that currently there were no known exploits of the bug.

The instruction could get into a computer by being put on a webpage.

It can also be put into an e-mail message that uses web formatting.

The DirectX flaw is the latest in a series of security problems that Microsoft has warned about over the last few weeks.

Vulnerable Software
DirectX 5.2 on Windows 98
DirectX 6.1 on Windows 98 SE
DirectX 7.0a on Windows Me
DirectX 7.0 on Windows 2000
DirectX 8.1 on Windows XP
DirectX 8.1 on Windows Server 2003
DirectX 9.0a on Windows 2000
DirectX 9.0a on Windows XP
DirectX 9.0a on Windows Server 2003
DirectX 9.0a on Windows Me
NT 4.0 using Media Player 6.4 or Internet Explorer 6 Service Pack 1
NT 4.0 Terminal Server Edition using either Media Player 6.4 or Internet Explorer 6 Service Pack 1

Quote:

http://news.bbc.co.uk/

SeanC · July 24th, 2003, 01:07 PM

Forget embarrassing about it being in 2003 Svr. How about embarrasing that it's been in DirectX since version 5.2?

That's a long time for such a severe flaw to not be noticed by anyone, especially MS's programmers.

Sean

Manfordjinsen · July 24th, 2003, 01:49 PM

That has to be the best avatar I have ever seen

July 24th, 2003, 02:55 PM

Doesn't mention DirectX 9.0b, which is available, and has passed my gaming tests on multiple systems. I'm assuming the recent release either adresses the issue, or wasn't included in the article.

wju425 · July 24th, 2003, 03:18 PM

Jeez... 32megs download? Well, downloading Directx 9.0b now with my old zoltrix 56k. <sigh>

\o/ Billy

shawshank62 · July 24th, 2003, 03:24 PM

i believe one of the main reasons for dx9.0b was because of the security issues.....i also have d/led it and it works good.

JohnE. · July 24th, 2003, 03:52 PM

Where do you find DirectX 9.0b? The DirectX site still only shows DirectX 9.0a as being available on the main download page.

thekingofpain · July 24th, 2003, 04:10 PM

You can d/l it here:http://www.neowin.net/comments.php?i...elease%2007-24

Gait_Keeper · July 24th, 2003, 04:12 PM

WOW! since v 5.2 very funny and scary at the same time

Kudos to eEye

also where is 9b download?

thekingofpain · July 24th, 2003, 04:26 PM

Quote:

also where is 9b download?

Look at the post above yours---