UpdatesDescription: This security update resolves a privately reported vulnerability in Microsoft DirectShow. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
The security update addresses the vulnerability by correcting the way that DirectShow opens AVI files.

Update type: Critical

Release date: February 9, 2010

Applies to: All versions

Knowledge base: http://support.microsoft.com/kb/977935

Download link: 32-bit | 64-bit
Comments:Here are the specifics on the vulnerabilities covered by this update:

2 Replies to “KB977935”

  1. Steve .EUREEEEKAYou have just ended a 2 year nightmare!I have been eitidng GoToWebinars in Sony Vegas, and about May of 2007 the converted to standard .wmv files stopped being editable. I would import and it would just sit there as I watched the Vegas application’s Mem Usage in Windows Task Manager sky rocket until my RAM was maxed. Camtasia and Windows Movie Maker would similarly choke. Citrix blamed my software but would not recommend any eitidng software that would reliably edit their converted .wmv. The best they could offer was to use another program (Camtasia) to do the capturing!I was reduced to rebuilding slide shows in Vegas as imported JPGs and using the soundtrack (which I could salvage if I quickly deleted the video track before my RAM was maxed.) but then I got a 50+ slide presentaion with 5+ animations per slide. It drove me to Google and then Sam’s site here where I discovered the magic of re-converting the (supposedly) converted wmv. Viola! I can drag wmv in, Mem Usage stays below 100 Megs like it should, and it appears perfectly editable. One note: for me the transcoder was in C:\Program Files\Citrix\GoToMeeting\366 .a version/build thing I suspect that may change again when I visit GoTo and get the software re-installed as it does each time.Not sure what the GTW problem is. I suspect the conversion to standard WMV (which I do religiously by the way)never actually, or correctly took place. I would suspect maybe some version/build codec incompatibilty, as in it was recorded in one build but I might edit on another build .but the WMVs that are editable are always editable, the ones that choke, always choke. At any rate I am very grateful for this tidbit.

Leave a Reply