Security Research & Defense

Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance

Browse by Tags

Related Posts
  • Blog Post: MIDI PoC not exploitable for code execution

    On Wednesday, a PoC was posted to milw0rm describing an “integer overflow” in Windows Media Player. We investigated the .mid file and found it to be a duplicate of a non-exploitable crash previously posted publicly on Bugtraq around Christmas, four months ago. We blogged about this same issue here: http...
  • Blog Post: MS08-033: So what breaks when you ACL quartz.dll?

    In some of the multimedia MSRC bulletins that have been released there is a workaround listed about changing ACL’s on Quartz.dll. So, what exactly breaks when we ACL Quartz.dll? Quartz.dll is a core component of the DirectShow framework. Originally a component of DirectX, DirectShow eventually took...
  • Blog Post: New vulnerability in quartz.dll Quicktime parsing

    Recently, we found a remote code execution vulnerability in Microsoft’s DirectShow platform (quartz.dll) when processing the QuickTime format. We have released advisory 971778 providing guidance to help protect customers. We’d like to go into more detail in this blog to help you understand: Which...
  • Blog Post: Windows Media Player crash not exploitable for code execution

    On Christmas Day, the MSRC opened a case tracking a Bugtraq-posted POC describing a “malformed WAV,SND,MID file which can lead to a remote integer overflow”. By Saturday evening, we saw reputable internet sources claiming this bug could lead to executing arbitrary code on the system. We investigated...