I just wanted to post this to the community to ensure everyone keeps their gig machine working smooth. This only applies to windows XP users who often use the Indeo codec.
There is a vulnerability in the indeo codec on windowsXP... It is possible to download a clip in indeo format with some bad bits in there. It is possible to perform memory overflow and execute arbitrary code with the same permissions as user who ran the file (how many of you are admin right now..). There is a microsoft update available to correct this issue and I highly advise all VJ's who sometimes use indeo to grab that patch and hold off from downloading indeo clips for a few months (It is very easy to MITM a server like vjvault, listen for requests for downloads, and inject the hex that makes stuff happen, while a user is downloading a clip... and the "hacker" who now controls your box didn't even notice you until you were on his botnet)...
And please don't reply that you use a mac so you are secure, You are more insecure than windows right now, and the most exploited software currently is Adobe systems stuff and no longer microsoft (Yes adobe reader and/or flash player is installed on 98% of machines (odd stat I read recently about acrocracks) and there are many advanced rootkits for the mach kernel that are pretty easy to hit (especially with an adobe installer.. echem *pay for your software* echem).
So make sure you have this patch : http://support.microsoft.com/kb/954157
thanks and stay safe out there in the web.
