Home / bulletins MS09-028 - Critical: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633) - Version:1.0
Posted on 01 August 2009
CriticalSeverity Rating: Critical - Revision Note: V1.0 (July 14, 2009): Bulletin published.Summary: This security update resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft DirectShow. The vulnerabilities could allow remote code execution if a user opened a specially crafted QuickTime media file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS09-028 - Version: 1.0
- MS09-028 - Version: 1.0
- MS09-028 - Version: 2.0
- MS09-028 - Version: 1.0
