securitytracker.com - 12/29/2008
—
Description: A vulnerability was reported in Windows Media Player. A remote user can cause the target user's player to crash. A remote user can create a specially crafted WAV, SND, or MIDI file that, when loaded by the target user, will cause the target user's player to crash. The operating ...
blogs.technet.com - 12/29/2008
—
blogs.technet.com —
Happy holidays to everyone. While it’s been a
snowy holiday season for us in the Pacific Northwest...
(some of us are still snowed in), the MSRC never closes and we are always working to help keep customers safe. In that vein, we’ve received some ...
(more)
Questions about Vulnerability Claim in Windows Media Player
microsoft.com - 12/23/2008
—
microsoft.com —
Fully packed with utilities, PowerToys, visualizations, skins, sound
effects, and much more, you can install the Windows...
Media Bonus Pack on your Windows XP-based computer and let your creativity shine. The Windows Media Bonus Pack requires Windows ...
(more)
Windows Media Bonus Pack for Windows XP
Comments
Blog Reactions
Microsoft Disputes Claim of Windows Media Player Vulnerability
eWeek - RSS Feeds —
... a security researchers claim of a remote code execution flaw affecting Windows Media Player. Reports of the vulnerability surfaced last week on the SecurityTracker vulnerability notification service. According to the initial report, a bug inWindows Media Player could be exploited remotely via a specially-crafted SND, MIDI or WAV file to trigger an integer overflow. In that situation, the researcher alleged, a hacker could execute arbitrary code. A subsequent posting on the SANS Internet Storm Center Web site over the weekend stated a reader had tested proof-of-concept ...
Microsoft denies the severity of a Media Player exploit
Betanews —
... and confirmed that it did indeed crash WMP. But rather than take the test further, Heise then took the word of another Web site which claimed the crash was exploitable, prior to that site issuing a retraction yesterday. Heise has not corrected its version. "Security Tracker say that the vulnerability can allow code to pass through the hole," reads the Heise story. "If this is true it won't be long before real exploits appear. This was demonstrated with the recent zero day vulnerability of Internet Explorer." But the world at large was introduced by the issue yesterday when ...
Related Content
Windows Media Player crash not exploitable for code execution
blogs.technet.com 12/29/2008 — On Christmas Day, the MSRC opened a case tracking a Bugtraq-posted POC describing a “malformed WAV,SND,MID file which can lead to a remote integer overflow”. By Saturday evening, we saw reputable internet sources claiming this bug could lead to ...
Warning: Windows 7 beta could corrupt your MP3s
neowin.net 1/5/2009 — Several reports from users testing the latest leaked build of Windows 7 indicate a potential data corruption issue using Microsoft's Windows Media Player 12. Windows 7 beta 1 build 7000 leaked over the Christmas holidays and a Microsoft spokesperson ...
Hands on: Windows Media Player 12's surprising new features
arstechnica.com 10/30/2008 — Windows 7 includes a new version of Windows Media Player. As well as a refreshed user interface there are some surprising new features, hinting at a new-found appreciation for interoperability. Ars reports from PDC. Read More...
Microsoft issues first Windows 7 beta patch
computerworld.com 1/14/2009 — January 13, 2009 (Computerworld) Microsoft Corp. today issued its first patch for the just-released Windows 7 beta, but it passed on plugging a hole in an important file-sharing protocol that it fixed in older versions of the operating system . ...
Windows Media Player flaw denied —
The Register 12/30/2008
Security pantomime Researchers reckon a security bug in Windows Media Player creates a means for hackers to inject hostile code onto vulnerable systems. However Microsoft has denied this, saying that the bug only creates a means to crash the ...
Follow TechBlips on Twitter
