Posted by: Bcournoyer
Late last week, Microsoft released an advisory warning of a new vulnerability that could strike users simply by opening a Web page. Windows Vista users (if there are any out there) along with those running Windows Server 2008 are safe, but XP, Server 2003 and Windows 2000 are all affected.
According to SearchSecurity.com, the flaw is in the QuickTime parser in DirectShow, and can be used by an attacker to execute code remotely.
While there is no official fix for the issue as of yet, there is a workaround that Microsoft is currently recommending. Also, Michael Horowitz over at Computerworld has posted a neat little cheat sheet for solving the problem that is defintely worth checking out.