CVE-2009-1537 — Microsoft DirectX: Microsoft DirectX NULL Byte Overwrite Vulnerability

CVE-2009-1537 — Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow, which could allow remote attackers to execute arbitrary code via a crafted QuickTime media file.

https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028

What This Means For You

  • CISA has confirmed active exploitation — immediate patching required.
  • Added to CISA KEV catalog — federal agencies must remediate by 2026-06-03.

Indicators of Compromise

ID | Type | Indicator
CVE-2009-1537 | RCE | Microsoft DirectX
CVE-2009-1537 | RCE | QuickTime Movie Parser Filter in quartz.dll in DirectShow
CVE-2009-1537 | RCE | NULL byte overwrite vulnerability
CVE-2009-1537 | RCE | crafted QuickTime media file

Source & Attribution

  • Source Platform: CISA
  • Channel: CISA KEV
  • Channel ID: cisa-kev
  • Message ID: 20091537
  • Published: May 20, 2026 at 15:00 UTC
  • Original Link: https://learn.microsoft.com/en-us/security-updates/securi...
