Microsoft Warns Of Media-Player Vulnerability
Microsoft warns users of vulnerability in Media Player 6.4 and 7.0 that could let attackers run their code of choice.
Is there any chunk of code that users can trust on their systems? It's clear that computer users can't read E-mail, instant message, or Web surf without worrying about hackers launching malicious code on their system. And now, listening to music and watching streaming video can be added to that list.
Microsoft security bulletin MS01-029 warns MS Media Player users that versions 6.4 or 7.0 have a vulnerability that "potentially" lets attackers run the code of their choice. The bulletin advises users of version 6.4 to install a patch immediately, and users of version 7.0 to upgrade to 7.1. Older, or unsupported, versions of Media Player may or may not possess the same vulnerability, so tune in at your own risk.
The vulnerability stems from the Windows Media Player Active Stream Redirector processor. An unchecked buffer there can be overrun, enabling an attacker to run virtually anything on a victim's machine. All that an attacker needs to do is send malicious code through E-mail or a Web-site link, and find a way to persuade the victim to click on the link.
Users of Media Player 6.4 and 7.0 are better off clicking on microsoft.com/technet/security/bulletin/MS01-029.asp and grabbing the appropriate fix.
About the Author
You May Also Like
2024 InformationWeek US IT Salary Report
May 29, 20242022 State of ITOps and SecOps
Jun 21, 2022