>Windows Media Player ‘Vulnerable’

9 03 2011

>Microsoft has issued warnings Windows Media Player contains a critical vulnerability that could allow remote code execution if a user is tricked into opening a video file.

 

The most serious warning is MS11-015, where Microsoft urgers all Windows users to apply this update, due to the severity and likelihood of an attack code within thirty days.

 
This security update resolves one publicly disclosed vulnerability in DirectShow and one privately reported vulnerability in Windows Media Player and Windows Media Center. The more severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. In all cases, a user cannot be forced to open the file; for an attack to be successful, a user must be convinced to do so.

 

Microsoft has rated the update critical for the following versions of Windows:

  • All versions of Windows XP, including Media Center Edition 2005
  • All supported editions of Windows Vista and Windows 7
  • Windows Media Center TV Pack for Windows Vista.

The following versions of Windows are not affected:

  • Windows XP Home Edition (SP3)
  • Windows XP Tablet PC Edition (SP3)
  • Windows Server 2003 (SP2)
  • Windows Server 2003 x64 Edition (SP2)
  • Windows Server 2003 for Itanium-based Systems (SP2)
  • Windows Server 2008 for 32-bit Systems
  • Windows Server 2008 for 32-bit Systems (SP2)
  • Windows Server 2008 for Itanium-based Systems
  • Windows Server 2008 for Itanium-based Systems (SP2)
  • Windows Server 2008 for Itanium-based Systems (R2)

You can download the security update via the Microsoft Download Center

Advertisements

Actions

Information

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: