Reported July 26, 2001, by
Microsoft.
VERSIONS AFFECTED
Microsoft
Windows Media Player 7.1
Microsoft
Windows Media Player 7.0
Microsoft
Windows Media player 6.4
DESCRIPTION
VENDOR RESPONSE
The
vendor, Microsoft, has released security
bulletin MS01-042
to address this vulnerability and recommends that users apply the following
patch that's relevant to their system:
Windows Media Player 7.1:
Windows Media Player 7.0:
Windows Media Player 6.4:
Users can verify that the patch has installed on the machine by
confirming that the program has created the following registry key:
CREDIT
An
unchecked buffer exists in one of the functions used that processes Microsoft
Windows Media Station (.nsc) files. An attacker can use this overflow condition
to execute malicious code on the user’s system. This code can then take any
action on the system that a legitimate user could take.
Users can eliminate the vulnerability by installing the patch
for version 6.4.
Users can eliminate the vulnerability by upgrading to Windows
Media Player 7.1 before installing the patch
for version 6.4.
Users can eliminate the vulnerability by installing the patch
or upgrading to Windows
Media Player 7.1 first and installing the patch for version 6.4.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player\WMSU5536
Discovered by Microsoft.
Unchecked Buffer in Windows Media Player
0 comments
Hide comments