Warning: critical DirectX bug causes security lack: attack through MIDI

Discussion in 'comp.music.midi' started by Günter Nagler, Jul 30, 2003.

  1. Playing specially prepared MIDI files (downloaded or activated from
    email attachment) can execute attacking code on computers which use
    Windows DirectX applications to play MIDI.

    A DirectX update that solves this security problem is available:
    http://www.microsoft.com/security/security_bulletins/ms03-030.asp

    Buffer overrun bugs while analysing MIDI file parameters caused that
    prepared data in the buffer (contains computer executable code!) can be
    executed.

Share This Page