This security vulnerability affects Windows XP, Windows Server 2003 and Windows 2000 using DirectX 7, 8 or 9

A vulnerability has been reported in Microsoft DirectX, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error in quartz.dll when processing QuickTime media files and can be exploited to execute arbitrary code.

NOTE: According to Microsoft, the vulnerability is currently being actively exploited.

For more details see the Secunia Advisory - http://secunia.com/advisories/35268/
Microsoft information on the vulnerability:
Microsoft Security Advisory (971778): Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution - http://www.microsoft.com/technet/security/...ory/971778.mspx
Microsoft have not yet released a patch, but they have provided details of a workaround - http://support.microsoft.com/kb/971778