Microsoft has released an advisory for a vulnerability in Microsoft DirectShow and updates to the WSUS patching schedule.

The 971778 advisory affects Windows 2000, Windows XP and Windows Server 2003 that is under limited attack.


Christopher Budd, security response communications lead for Microsoft, said: “Our investigation has shown that the vulnerable code was removed as part of our work building Windows Vista. This means that Windows Vista and versions of Windows since Windows Vista (Windows Server 2008, Windows 7) are not vulnerable.”


The vulnerability is in the QuickTime parser in Microsoft DirectShow. An attacker could try and exploit the vulnerability by crafting a specially formed video file and then posting it on a website or sending it as an attachment in email.


Microsoft claimed that while this is not a browser vulnerability, due to it being in DirectShow, a browser-based vector is potentially accessible through any browser using media plug-ins that use DirectShow. Budd also verified that it is possible to direct calls to DirectShow specifically, even if Apple's QuickTime (which is not vulnerable) is installed.


Microsoft has also announced that two new product categories are being added to the WSUS Products and Classifications dialog, both under the product family ‘Office Communicator Server and Office Communicator'.


Office Communications Server 2007 R2 will include updates for the Microsoft Office Communications Server 2007 R2, while the Office Communicator 2007 R2 product category will include updates for the Microsoft Office Communicator 2007 R2. Both will include coverage for service packs, critical and security updates.