CVE-2011-0032

Name of the Vulnerable Software and Affected Versions Microsoft Windows Vista SP1 and SP2 Microsoft Windows 7 Gold and SP1 Microsoft Windows Server 2008 R2 and R2 SP1 Microsoft Windows Media Center TV Pack for Windows Vista

Description The issue allows local users to gain privileges via a Trojan horse DLL in the current working directory. This can be demonstrated by a directory containing specific file types such as Digital Video Recording (.dvr-ms), Windows Recorded TV Show (.wtv), or .mpg files. A remote code execution vulnerability exists in the way that Microsoft DirectShow handles the loading of DLL files, potentially allowing an attacker to take complete control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Windows Vista SP1 and SP2, consider restricting access to the DirectShow component until a patch is available. For Microsoft Windows 7 Gold and SP1, avoid using the vulnerable DLL loading mechanism in DirectShow until the issue is resolved. For Microsoft Windows Server 2008 R2 and R2 SP1, restrict the use of DirectShow to minimize the risk of exploitation. For Microsoft Windows Media Center TV Pack for Windows Vista, disable the DirectShow functionality as a temporary workaround until a patch is available.