Windows Media Player Reveals A Flaw

Security experts have detected a flaw in 'Microsoft Windows Media Player' that remote hackers can exploit to compromise an affected system or cause a 'denial of service'. The flaw is a 'buffer overflow' in the Windows 'Media Playback/Authoring library (WMVCORE.DLL)' that occurs when it handles 'ASX Playlists' containing an overly long "REF HREF" tag. Hackers can take advantage of this flaw to execute arbitrary commands by luring a user into browsing a specially crafted website.

In a security advisory, 'eEye Research' explains that 'ASX files' open automatically when they appear within a Web browser. This allows the vulnerability to be exploited through malicious sites or e-mails to run 'arbitrary code' on the system of the user who opened the ASX file. 'eEye Research' reports that the problem is even more critical when clients are administrators on their local hosts, because the malicious code would then run with Administrator credentials.
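A screening check for the condition described above, as an added example that is not code from eEye, Microsoft or the original article: it flags ASX playlists whose REF HREF value exceeds a length limit, the kind of test a mail or web gateway could run before a file reaches the player. The `MAX_HREF_LEN` threshold, the function name and the sample playlists are assumptions made here; the article does not state the length at which the overflow occurs.

```python
import re

# Assumed policy limit, NOT the real overflow boundary (the article gives none).
MAX_HREF_LEN = 1024

# ASX is XML-like but case-insensitive and often loosely written, so a tolerant
# regex is used instead of a strict XML parser. The value may be double-quoted,
# single-quoted or bare; a missing closing quote is accepted so that a
# deliberately malformed file is still measured.
REF_HREF = re.compile(
    r"""<\s*ref\b[^>]*?\bhref\s*=\s*(?:"([^"]*)|'([^']*)|([^\s>]+))""",
    re.IGNORECASE,
)


def find_long_refs(asx_text, max_len=MAX_HREF_LEN):
    """Return (line_number, href_length) for every REF HREF longer than max_len."""
    findings = []
    for match in REF_HREF.finditer(asx_text):
        href = next(g for g in match.groups() if g is not None)
        if len(href) > max_len:
            line = asx_text.count("\n", 0, match.start()) + 1
            findings.append((line, len(href)))
    return findings


# Constructed sample playlists (not taken from any real attack file).
SAMPLE_OK = (
    '<ASX version="3.0"><ENTRY>'
    '<REF HREF="http://media.example/clip.wmv"/></ENTRY></ASX>'
)
SAMPLE_LONG = (
    '<asx version="3.0">\n<entry>\n'
    '<ref href="http://media.example/' + "A" * 5000 + '"/>\n</entry>\n</asx>'
)

if __name__ == "__main__":
    for name, text in (("ok", SAMPLE_OK), ("long", SAMPLE_LONG)):
        hits = find_long_refs(text)
        verdict = "BLOCK" if hits else "pass"
        print(f"{name}: {verdict} {hits}")
```
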

The vulnerability emerged a day after Microsoft found a 'zero-day' flaw in Word that has been used in 'limited attacks'.

With the appearance of the 'media player flaw', 'Internet Security Systems Inc.' (ISS), based in Atlanta, raised its 'AlertCon' to Level 2. On its Web site, ISS said that its analysts foresee the possibility of malicious people developing 'exploit code' for this issue. It therefore strongly recommends that its customers apply ISS 'product updates'.

A Microsoft spokesman said in an e-mail that the company's initial investigation showed that this 'proof-of-concept' could enable an attacker to run code in the user's 'security context'. He said Microsoft has not yet come across any attempts to exploit this vulnerability. The company, along with its partners, is monitoring the situation and will guide customers as necessary.

When the investigation is over, Microsoft will take the necessary action to protect its customers, said the spokesperson. This might mean providing a 'security update' through its 'monthly release process', or an "out of cycle" 'security update', based on the urgency of customers' needs.

The best protection right now is to delete the ASX component or move to another program.


» SPAMfighter News - 12/13/2006
