
Windows Media Player Reveals A Flaw

Security experts have detected a flaw in Microsoft Windows Media Player that remote hackers can exploit to compromise an affected system or cause a denial of service. The flaw results from a buffer overflow in the Windows Media Playback/Authoring library (WMVCORE.DLL) when it handles ASX playlists that have an elongated "REF HREF" tag. Hackers can take advantage of the flaw to execute arbitrary commands by luring a user into browsing a specially crafted website.

In a security advisory, eEye Research explains that ASX files open automatically when they appear within a Web browser. This allows the vulnerability to be exploited through malicious sites or e-mails to run arbitrary code on the system of the user who opened the ASX file. eEye Research reports that the problem is even more critical when users are administrators on their local hosts, because the malicious code would then run with Administrator credentials.
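A gateway or endpoint check for the condition described above, as an added example that is not part of the original article or any vendor's code: it flags ASX playlists whose REF HREF value exceeds a length limit, including values whose quote or tag is never closed. The 2048-byte limit, the function names and the sample playlists are assumptions constructed for illustration; the article gives no specific length.

```python
import re

# Assumed policy limit: the article only says "elongated", so tune this locally.
MAX_HREF_LEN = 2048

# ASX is XML-like but case-insensitive and often not well-formed, so locate
# "<ref ... href=" with a tolerant regex instead of a strict XML parser.
REF_HREF = re.compile(r"<\s*ref\b[^>]*?\bhref\s*=\s*", re.IGNORECASE | re.DOTALL)
UNQUOTED = re.compile(r"[^\s>]*")


def href_values(text):
    """Yield every REF HREF value, tolerating unclosed quotes and tags."""
    for match in REF_HREF.finditer(text):
        start = match.end()
        quote = text[start:start + 1]
        if quote in ('"', "'"):
            end = text.find(quote, start + 1)
            # An unterminated quote runs to the end of the data.
            yield text[start + 1:end if end != -1 else len(text)]
        else:
            yield UNQUOTED.match(text, start).group(0)


def scan_asx(data, max_len=MAX_HREF_LEN):
    """Return (position, length) for each REF HREF value longer than max_len."""
    # latin-1 maps one byte to one character, so len() equals the byte count.
    text = data.decode("latin-1")
    return [(i, len(v)) for i, v in enumerate(href_values(text), 1) if len(v) > max_len]


# Constructed sample playlists (not taken from the advisory).
BENIGN = b'<ASX version="3.0"><ENTRY><REF HREF="http://media.example/clip.wmv"/></ENTRY></ASX>'
OVERLONG = (b'<asx version="3.0"><entry><ref href="http://media.example/'
            + b"A" * 5000 + b'"/></entry></asx>')
UNCLOSED = b"<ASX><ENTRY><Ref HREF = 'mms://media.example/" + b"B" * 3000

if __name__ == "__main__":
    for name, sample in (("benign", BENIGN), ("overlong", OVERLONG), ("unclosed", UNCLOSED)):
        hits = scan_asx(sample)
        print(name, "BLOCK" if hits else "allow", hits)
```

Because ASX content opens automatically in the browser, such a check belongs where the file enters the network (mail gateway or web proxy) rather than after it has reached the player.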

The vulnerability emerged a day after Microsoft found a 'zero-day' flaw in Word that has had 'limited attacks'.

With the appearance of the media player flaw, Atlanta-based Internet Security Systems Inc. (ISS) put its AlertCon at Level 2. On its Web site, ISS said that its analysts foresee the possibility of malicious people developing exploit code for this issue. It therefore strongly recommends that its customers apply ISS product updates.

A Microsoft spokesman said in an e-mail that the company's initial investigation showed that this proof-of-concept could enable an attacker to run code in the user's security context. He said Microsoft has not yet come across any attempts to exploit this vulnerability. The company, along with its partners, was monitoring the situation and will guide customers as necessary.

When the investigation is over, Microsoft will take the necessary action to protect its customers, said the spokesperson. This might mean providing a security update through its monthly release process, or an "out of cycle" security update, based on the urgency of customers' needs.

The best protection right now is to delete the ASX component or move to another program.

» SPAMfighter News - 13-12-2006
