Tech Support Guy banner
Status
Not open for further replies.
1 - 3 of 3 Posts

·
Super Moderator
Joined
·
37,798 Posts
Discussion Starter · #1 ·
Hiya

One of the streaming media formats supported by Windows Media
Player is Advanced Streaming Format (ASF). A security vulnerability
occurs in Windows Media Player 6.4 because the code that processes
ASF files contains an unchecked buffer.

By creating a specially malformed ASF file and inducing a user to
play it, an attacker could overrun the buffer, with either of two
results: in the simplest case, Windows Media Player 6.4 would fail;
in the more complex case, code chosen by the attacker could be made
to run on the user's computer, with the privileges of the user.
The scope of this vulnerability is rather limited. It affects only
Windows Media Player 6.4, and can only be exploited by the user
opening and deliberately playing an ASF file. There is no
capability to exploit this vulnerability via email or a web page

Affected Software:

Windows Media Player 6.4
Windows Media Player 7
Windows Media Player 7.1
Windows Media Player for Windows XP

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms01-056.asp

Regards

eddie
 

·
Registered
Joined
·
11,958 Posts
Thanks Eddie
In the details section of the update it suggests anyone using the aforementioned versions should update not just 6.4 since previously downloads are not patched. It is kind of confusing when they state in the body only 6.4! I am running 7.1 and did the update.
Dave
 

·
Super Moderator
Joined
·
37,798 Posts
Discussion Starter · #3 ·
Thanks Dave

I posted that in my lunch hour, so didn't actually have the time to fully expand all the bits in the Technet. I'll have a deeper look tonight.

Regards

eddie
 
1 - 3 of 3 Posts
Status
Not open for further replies.
Top