
DirectShow QuickTime Vulnerability

Check Point provides immediate protection

(CVE-2009-1537)
A remote code execution vulnerability has been discovered in Microsoft’s DirectShow QuickTime Movie Parser filter. As of the time of this writing, there is no patch available from Microsoft. Check Point's Security Update team has confirmed that exploits using this vulnerability are available in the wild. Successful exploitation may allow an attacker to take complete control of a target system.

Microsoft DirectShow is used on Microsoft operating systems for capture and playback of high-quality multimedia streams. The QuickTime Movie Parser filter splits Apple QuickTime data into audio and video streams. A remote attacker could exploit this issue via a malformed QuickTime file, enabling the execution of arbitrary code on the target system.

Since June 1st Check Point has provided immediate protection against exploits that use this vulnerability through its integrated IPS offerings, including SmartDefense Services and the new IPS Software Blade. For more information, see CPAI-2009-136.