Critical flaw in Windows music program

Monday, 28 July 2003, 1:43 PM EST

If exploited, the flaw could allow an attacker to delete files, search records, send e-mails or even launch a new attack from the victim's computer.

The problem involves how a technology in DirectX -- a group of instructions used by Windows programs to play audio and video -- handles MIDI (musical instrument digital interface) files.

Basically, an attacker could write a MIDI file designed to exploit the flaw and send it in an e-mail or host it on a Web site or shared network, said Stephen Toulouse, security program manager at Microsoft's Security Response Center.

[ Read more ]




Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //