Zero-day vulnerability in Microsoft DirectShow

The SANS Internet Storm Center is reporting that hackers are exploiting a zero-day flaw in the msvidctl.dll component of Microsoft DirectShow to infect computer users visiting compromised legitimate websites.

The flaw means that if you visit an affected website, hackers could silently install code onto your computer by exploiting a vulnerability on your Windows computer. What’s worse is that there is no official patch yet from Microsoft for the problem.

As it’s versions of Internet Explorer that are affected, some users may feel more comfortable using non-Microsoft web browsers until a fix is available. (Of course, other browsers may have any number of flaws of their own – it’s not as if there is any 100% secure web browser).

The good news for Sophos customers is that our anti-virus products detect samples of the exploit seen in circulation as…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.


Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.