Security Hole Discovered in Microsoft Windows Media Player

**Admin** · 10-Dec-2006, 10:38 PM

Users are being advised to disable a certain type of file in Microsoft’s Windows Media Player software following the discovery of a new security hole.
The flaw, which affects Windows Media Player versions 9 and 10, could allow a malicious hacker to run unauthorized software on a victim’s PC or cause a denial-of-service attack, according to security company FrSIRT, which rated the problem critical in an advisory Thursday.
The flaw is due to a buffer overflow error that can occur when Windows Media Player is used to run ".asx" media files, according to a warning from eEye Digital Security.
Such files open automatically in a Web browser, meaning a hacker would need only to post an infected .asx file in a webpage and then try to lure users to visit the page, eEye Digital said. An infected file could also be sent via e-mail, in which case users would need to be persuaded to open it.
Microsoft said an initial investigation revealed that the "proof-of-concept" code could allow an attacker to execute code on a user’s machine. It said it was unaware of any attempts to exploit the vulnerability, and it was unclear Friday morning if the proof-of-concept code it referred to was in the hands of hackers.
Users can protect against the vulnerability in Internet Explorer by preventing it from opening .asx files automatically. Turning off Active Scripting would also greatly reduce, but not eliminate, the risk, Microsoft said. FrSIRT also recommended that users upgrade to Windows Media Player 11, which it said is not affected.
Microsoft was still determining Friday whether it needed to issue an "out-of-cycle" security fix for the problem or patch it with its next monthly software update.
The flaw was originally reported on Nov. 22, when it was identified only as a denial-of-service issue.
Some discussion boards described the problem as a "zero-day exploit," although it was unclear if that was the case. Zero-day exploits occur when exploit code is released on the same day that a flaw is uncovered, giving users no time to protect themselves.
It’s been another busy week for Microsoft’s security teams. On Tuesday the company warned of an unpatched vulnerability in Word that had been the subject of what it called "limited attacks." And on Thursday it said it was readying several patches for Visual Studio and Windows that it plans to release next week.
The patches currently due for next week do not address the problems with Word and Windows Media Player.

10-Dec-2006, 10:38 PM	#1 (permalink)
Admin Administrator Posts: 876 Join Date: Oct 2005 Rep Power: 10 IM:	Security Hole Discovered in Microsoft Windows Media Player Users are being advised to disable a certain type of file in Microsoft’s Windows Media Player software following the discovery of a new security hole. The flaw, which affects Windows Media Player versions 9 and 10, could allow a malicious hacker to run unauthorized software on a victim’s PC or cause a denial-of-service attack, according to security company FrSIRT, which rated the problem critical in an advisory Thursday. The flaw is due to a buffer overflow error that can occur when Windows Media Player is used to run ".asx" media files, according to a warning from eEye Digital Security. Such files open automatically in a Web browser, meaning a hacker would need only to post an infected .asx file in a webpage and then try to lure users to visit the page, eEye Digital said. An infected file could also be sent via e-mail, in which case users would need to be persuaded to open it. Microsoft said an initial investigation revealed that the "proof-of-concept" code could allow an attacker to execute code on a user’s machine. It said it was unaware of any attempts to exploit the vulnerability, and it was unclear Friday morning if the proof-of-concept code it referred to was in the hands of hackers. Users can protect against the vulnerability in Internet Explorer by preventing it from opening .asx files automatically. Turning off Active Scripting would also greatly reduce, but not eliminate, the risk, Microsoft said. FrSIRT also recommended that users upgrade to Windows Media Player 11, which it said is not affected. Microsoft was still determining Friday whether it needed to issue an "out-of-cycle" security fix for the problem or patch it with its next monthly software update. The flaw was originally reported on Nov. 22, when it was identified only as a denial-of-service issue. Some discussion boards described the problem as a "zero-day exploit," although it was unclear if that was the case. Zero-day exploits occur when exploit code is released on the same day that a flaw is uncovered, giving users no time to protect themselves. It’s been another busy week for Microsoft’s security teams. On Tuesday the company warned of an unpatched vulnerability in Word that had been the subject of what it called "limited attacks." And on Thursday it said it was readying several patches for Visual Studio and Windows that it plans to release next week. The patches currently due for next week do not address the problems with Word and Windows Media Player.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Possible iPhone Security Hole to be Demonstrated in Las Vegas	Anilrgowda	Mac - Operating Systems and Applications Error	0	02-Aug-2007 12:21 AM
View media content using Windows Media Player Firefox Plug-in	Anilrgowda	Microsoft windows vista error	0	18-Jul-2007 12:00 AM
Problems setting up Windows Media Player as the default player for *.WAV files	Anilrgowda	Microsoft Windows xp error	1	15-Feb-2007 01:24 AM
Google Patch Security Hole	Anilrgowda	Search Engine Optimization	0	14-Jan-2007 11:39 PM
New Security Hole Discovered In Microsoft Word	Anilrgowda	Microsoft	0	07-Jan-2007 09:13 AM

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)