Click Here to Install Silverlight*
United StatesChange|All Microsoft Sites
Microsoft
Download Center 
Search Advanced Search

DirectShow Security Fix for DirectX 9.0 and DirectX 9.0a (KB819696)

Brief Description
This is a small download package which fixes the security issue in DirectShow. To install the full DirectX 9.0b please see the DirectX 9.0b End-user runtime Related Resources link.

On This Page

Quick Details
File Name:DirectX9-KB819696-x86-ENU.exe
Version:9.0b
Knowledge Base (KB) Articles:KB819696
Date Published:7/23/2003
Language:English
Download Size:948 KB
Estimated Download Time: 3 min 56K
Change Language:
  

Overview

DirectX consists of a set of low-level Application Programming Interfaces (APIs) used by Windows programs for multimedia support. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering.

There are two buffer overruns with identical effects in the function used by DirectShow to check parameters in a Musical Instrument Digital Interface (MIDI) file. A security vulnerability results because it would be possible for a malicious user to attempt to exploit these flaws and execute code in the security context of the logged on user.

An attacker could seek to exploit this vulnerability by creating a specially crafted MIDI file designed to exploit this vulnerability and then host it on a Web site or on a network share, or send it via an HTML email. In the case where the file was hosted on a web site or network share, the user would need to open the specially crafted file. If the file was embedded in a page, the vulnerability could be exploited when a user visited the Web page. In the HTML E-mail case, the vulnerability could be exploited when a user opened or previewed the HTML e-mail. A successful attack could have the effect of either causing DirectShow, or an application making use of DirectShow, to fail, or causing an attacker's code to run on the user's computer in the security context of the user.

This patch package is provided for minimum download size to address the security issue. Microsoft prefers that customers obtain and install the full DirectX 9.0b update, which contains additional non-security core graphics and DirectShow fixes.

 Top of page

System Requirements

  • Supported Operating Systems: TabletPC; Windows 2000; Windows 2000 Service Pack 2; Windows 2000 Service Pack 3; Windows 98; Windows 98 Second Edition; Windows ME; Windows Server 2003; Windows XP
  • Requires DirectX 9.0 or DirectX 9.0a to be installed.

 Top of page

Instructions

  1. Click the Download button on this page to start the download, or choose a different language from the drop-down list and click Go.
  2. Do one of the following:
    • To start the installation immediately, click Open or Run this program from its current location.
    • To copy the download to your computer for installation at a later time, click Save or Save this program to disk.

 Top of page

Additional Information

The DirectX 9.0/9.0a patch cannot be uninstalled. We recommend Windows Me and Windows XP users create a "System Restore" point before installing. For information on creating a restore point, please refer to the following Microsoft Knowledge Base articles:

 Top of page

 Top of page

 Top of page

© 2009 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy Statement