Zero-Day Threat Quietly Growing

Dennis Faas's picture

It's the calm before the storm. As I write this, the threat of a zero-day virus exists in third-party software utilized by Microsoft, and few seem to know about it.

The hole lies in DirectX Media Software Developers Kit, or SDK, which is regularly included in Microsoft's own products. It takes on the form of an ActiveX control, a measure created before the turn of the century for crafting plug-ins for programs like the web's most dominant web browser, Internet Explorer.

So, what's the threat?!?!

Calm down. For now, there have been no reports of anyone being attacked. What it takes, however, is owning the swiss-cheese ActiveX control. Security firm Secunia has identified the problem file as 'DXSurface.LivePicture.FLashPix.1 (DXTLIPI.DLL)'.

Already outlining the possible consequences, however unlikely, is the United States Computer Emergency Readiness Team. It finds that if a hacker exploiting the flawed ActiveX control can convince an unknowing user to view a special HTML document (like an email and/or attachment), he or she can "'execute arbitrary code with the privileges of the user.'" (Source:

What solutions are there?

Thankfully, there is help. PC World reports that the simplest way to block the threat is to use "kill bit" in the Windows Registry for the ActiveX control in question. Unfortunately, this type of work isn't for the faint of heart, and should only be approached by a computer expert.

Editing the Windows Registry without professional help is like taking out your appendix hunched over the kitchen sink. Another solution may be the use and update of Norton AntiVirus 2006; Symantec has recently crafted a patch that promises to solve the problem. (Source:

Go Vista, or go to hell

Perhaps it's unsurprising that Microsoft is planning the phasing out of this particular software. Call it one of the best reasons to move to Windows Vista -- few users of the new operating system have reported owning the troublesome ActiveX .DLL file.

| Tags:
Rate this article: 
No votes yet