There is a widespread attack underway against an unpatched vulnerability in the Msvidctl DLL. The attacks are using Internet Explorer as the attack vector and pushing a Trojan downloader onto compromised machines. The SANS Internet Storm Center recommends setting the killbit on the vulnerable DLL to protect against the attack. The vulnerability the attacks are exploiting is not the zero-day flaw in Microsoft s DirectShow component, as was previously reported. Microsoft has set up a page with information on how to work around the vulnerability and FixIt tool.
Source: https://threatpost.com/updated-mass-attacks-exploiting-0-day-microsoft-video-dll-070609/72820/