  • Contributing Editor Stuart J. Johnston advises you on how to fix the latest problems affecting your operating system, your browser, your other software, and your hardware.

Bugs & Fixes: New Windows Holes, Dangerous Music

Stuart J. Johnston

illustration: Asaf Hunuka
Ever visited a Web site that suddenly started playing music through your computer speakers? It may be annoying, but you can always turn down the volume. And it's harmless, right? Maybe not.

Researchers at eEye Digital Security recently discovered two big holes in Windows' music playback technology. The flaws, which Microsoft rates as "critical," could allow a hacker's code to run amok on your PC by exploiting a contaminated music file. The hacker could then take over your PC and do something nasty, like delete your files.

The problems lie in the way that Windows plays back a common type of music file called a MIDI (Musical Instrument Digital Interface) file. Unlike an audio file, a MIDI file contains a string of code that tells a synthesizer (such as the ones in most PCs) how to play a piece of music.

Microsoft's DirectX technology, which handles playback for audio and video in Internet Explorer and in Windows Media Player, also plays MIDI files. Microsoft realized that it had left two unchecked buffers in versions of DirectX from Windows XP all the way back to Windows 98. This weakness could let a miscreant send a malformed MIDI file containing too much data to one of the buffers. For that to happen, you just have to visit a booby-trapped Web site or open (or preview) an HTML e-mail message with an embedded link. Either action causes the malformed MIDI file to download to your PC. When the buffer overflows, DirectX malfunctions and the hacker's code starts to execute.
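To show what "unchecked buffer" means in code, here is an added example (not Microsoft's code and not part of the original column) of the length checks a MIDI chunk reader needs before copying file data into a fixed-size buffer. The function name, the 64-byte buffer, and the sample bytes are assumptions made for illustration; the chunk layout (a 4-byte tag followed by a 4-byte big-endian length) is that of the Standard MIDI File format.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Read the 32-bit big-endian length that follows a MIDI chunk tag. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Hypothetical helper: copy the body of the chunk starting at file[0]
 * into out. Returns bytes copied, or -1 if the chunk is rejected.
 * An unchecked reader would call memcpy() with the declared length
 * directly; the two size comparisons below are what it lacks. */
int copy_chunk_checked(const uint8_t *file, size_t file_len, const char *tag,
                       uint8_t *out, size_t out_size) {
    if (file_len < 8) return -1;               /* no room for tag + length */
    if (memcmp(file, tag, 4) != 0) return -1;  /* not the expected chunk */
    uint32_t declared = be32(file + 4);
    if (declared > file_len - 8) return -1;    /* body runs past the input */
    if (declared > out_size) return -1;        /* body exceeds destination */
    if (declared > INT_MAX) return -1;         /* keep return value valid */
    memcpy(out, file + 8, declared);
    return (int)declared;
}

/* Constructed samples: a 4-byte track, and a header claiming 4096 bytes. */
static const uint8_t SAMPLE_OK[] = {'M','T','r','k', 0,0,0,4, 0x00,0xFF,0x2F,0x00};
static const uint8_t SAMPLE_LYING[] = {'M','T','r','k', 0,0,0x10,0, 0x00,0xFF,0x2F,0x00};

int main(void) {
    uint8_t track[64];  /* assumed fixed-size destination buffer */
    printf("ok:    %d\n", copy_chunk_checked(SAMPLE_OK, sizeof SAMPLE_OK,
                                             "MTrk", track, sizeof track));
    printf("lying: %d\n", copy_chunk_checked(SAMPLE_LYING, sizeof SAMPLE_LYING,
                                             "MTrk", track, sizeof track));
    return 0;
}
```

The well-formed sample is copied; the sample whose header claims more data than the file holds is rejected before any copy takes place.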

Take care of the hole by grabbing the latest version of DirectX, 9.0b. Head to the Microsoft bulletin, "Unchecked Buffer in DirectX Could Enable System Compromise," for more details and a link to the patch, and go to eeye.com for eEye's bulletin.

Blaster Trouble

By now you've probably heard a lot about the Blaster worm. Also known as the Lovsan or DCOM worm, this self-propagating infiltrator exploited a flaw involving a part of Windows called the Distributed Component Object Model, and how it listens for Internet traffic. Infected Windows 2000 and XP systems could allow a bad guy to unleash random code or to launch denial-of-service attacks.

Microsoft had already plugged the hole before Blaster started spreading, but many users didn't get the chance to update at the time (grab a link to the fix for your Windows version at the bulletin, "Buffer Overrun In RPC Interface Could Allow Code Execution"). Even if you took care of the problem by downloading the latest virus definitions or using a removal tool (go to W32.Blaster.Worm Removal Tool for Symantec's tool), you'll still need Microsoft's patch.
