Microsoft has Released an Out-of-Cycle Security Bulletin and Workarounds that Address a Serious Flaw Affecting Microsoft DirectX. DirectShow is prone to a Vulnerability that can lead to Code Execution when a Specially-Crafted QuickTime Media File is Viewed. This Vulnerability is being Exploited In-the-Wild in Limited Attacks.

For more information, see the following:

New Vulnerability in quartz.dll Quicktime Parsing:
http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx.

Microsoft Security Advisory (971778):
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution: http://www.microsoft.com/technet/security/advisory/971778.mspx.