Critical flaw in Windows music program
If exploited, the flaw could allow an attacker to delete files, search records, send e-mails or even launch a new attack from the victim's computer.
The problem involves how a technology in DirectX -- a group of instructions used by Windows programs to play audio and video -- handles MIDI (musical instrument digital interface) files.
Basically, an attacker could write a MIDI file designed to exploit the flaw and send it in an e-mail or host it on a Web site or shared network, said Stephen Toulouse, security program manager at Microsoft's Security Response Center.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.