Hackers are using rigged QuickTime media files to exploit an unpatched vulnerability in DirectShow, the APIs used by Windows programs for multimedia support. Microsoft has issued a pre-patch advisory with workarounds and a one-click fix it feature to enable the mitigations. Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are vulnerable; all versions of Windows Vista and Windows 2008 are not vulnerable. An attacker would try and exploit the vulnerability by crafting a specially formed video file and then posting it on a website.
Source: https://threatpost.com/microsoft-warns-dangerous-directshow-flaw-attacks-052809/72744/