Unchecked Buffer in Windows Media Player

Reported July 26, 2001, by Microsoft.

VERSIONS AFFECTED

• Microsoft Windows Media Player 7.1

• Microsoft Windows Media Player 7.0

• Microsoft Windows Media player 6.4

DESCRIPTION
An unchecked buffer exists in one of the functions used that processes Microsoft Windows Media Station (.nsc) files. An attacker can use this overflow condition to execute malicious code on the user’s system. This code can then take any action on the system that a legitimate user could take.

VENDOR RESPONSE

The vendor, Microsoft, has released security bulletin MS01-042 to address this vulnerability and recommends that users apply the following patch that's relevant to their system:

Windows Media Player 7.1:
Users can eliminate the vulnerability by installing the patch for version 6.4.

Windows Media Player 7.0:
Users can eliminate the vulnerability by upgrading to Windows Media Player 7.1 before installing the patch for version 6.4.

Windows Media Player 6.4:
Users can eliminate the vulnerability by installing the patch or upgrading to Windows Media Player 7.1 first and installing the patch for version 6.4.

Users can verify that the patch has installed on the machine by confirming that the program has created the following registry key:

 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player\WMSU5536

CREDIT
Discovered by Microsoft.