DirectX a Direct Threat to Users

Home users are particularly susceptible to a flaw discovered in Microsoft's DirectX technology which can allow an attacker to run malicious code on an affected user's systems, operating with the same rights and privileges as that user. The vulnerability can be exploited via a specially crafted MIDI file engineered to take advantage of a buffer overflow flaw in the technology. If such an exploit were sent via email, Microsoft Outlook and Outlook Express could automatically launch the malicious MIDI file. Microsoft has issued a critical patch to resolve this security issue. Microsoft Security Bulletin MS03-030.