Intrusion Prevention

MS.Windows.DirectShow.Dll.Hijacking

Description

This indicates an attack attempt against a DLL Hijacking vulnerability in Microsoft DirectShow.
The vulnerability exists because of the way that Windows DirectShow handles the loading of DLL files. An attacker who successfully exploits this vulnerability could take complete control of an affected system.

Affected Products

Windows XP Media Center Edition 2005 Service Pack 3
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Vista Service Pack 1
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 1
Windows Vista x64 Edition Service Pack 2
Windows 7 for 32-bit Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Media Center TV Pack for Windows Vista (32-bit editions)
Windows Media Center TV Pack for Windows Vista (64-bit editions)

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
Windows XP Media Center Edition 2005 Service Pack 3
http://www.microsoft.com/downloads/details.aspx?familyid=B1BE30DE-7E88-467D-AEE2-68F88E6A7355
Windows XP Service Pack 3
http://www.microsoft.com/downloads/details.aspx?familyid=D8284BFA-ED6C-4647-9FB0-588E53173775
Windows XP Professional x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=5270B5D3-3720-42A2-A8CF-67089C0CC658
Windows Vista Service Pack 1 and Windows Vista Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=F9F1DDE2-2219-4BF1-A497-EDD011577B96
Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=E11D00DF-D1CF-4A33-A1BE-6721CDFF5995
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=1BE77DAA-29B1-4DAE-A87F-2CB8F7E6A305
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=56FB24CE-65C7-4573-B613-E424CCC1A3A6
Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=6F45658A-1DB8-4EF5-B840-4D0180D4D90E
Windows Media Center TV Pack for Windows Vista (32-bit editions)
http://www.microsoft.com/downloads/details.aspx?familyid=1BC240B3-1938-4350-B26F-67B81A79F8A0
Windows Media Center TV Pack for Windows Vista (64-bit editions)
http://www.microsoft.com/downloads/details.aspx?familyid=CD4C5A80-DB24-4696-A248-1286C3B9F550

CVE References

CVE-2011-0032