This security vulnerability affects Windows XP, Windows Server 2003 and Windows 2000 using DirectX 7, 8 or 9

A vulnerability has been reported in Microsoft DirectX, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error in quartz.dll when processing QuickTime media files and can be exploited to execute arbitrary code.

NOTE: According to Microsoft, the vulnerability is currently being actively exploited.

For more details see the Secunia Advisory -
Microsoft information on the vulnerability:
Microsoft Security Advisory (971778): Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution -
Microsoft have not yet released a patch, but they have provided details of a workaround -