New threat targets DirectShow component via Internet Explorer

by Lee Mathews on July 6, 2009 at 01:50 PM

As if it wasn't bad enough news that IE's market share continues to slide against Firefox, Chrome, Safari, and Opera, news is spreading today about another new flaw affecting Internet Explorer.

The drive-by exploit targets msvidctl.dll, a DirectShow component, and is popping up on numerous recently-compromised websites. Sophos' Graham Cluely speculates that the attack may have been timed to catch people off guard on the Fourth of July weekend.

Until a fix has been released by Microsoft your best bet is to use an alternative web browser. If you want to stick with IE, the Internet Storm Center has posted a workaround. Run regedit, and update the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\MicrosoftInternet Explorer\ActiveX Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}

and set its value to: 00000400
If the value does not exist in your registry, you can create it as a new DWORD value.

Tags: exploit, internet-explorer, security