No vulnerability in Windows Media Player, Microsoft

Printer-friendly versionSend to friendPDF version
By kevintilva on 30 Dec 2008 - 14:49

Software giant Microsoft denied that a vulnerability exists in Windows Media Player that would allow for remote code execution.

Microsoft said that it had investigated reports that surfaced on the Internet last week and found them to be wrong. The flaw of the windows media player is reliability issue with no security risk to customers.

The investigation followed claims published on the Bugtraq security mailing list that a vulnerability existed in Windows Media Player 9, 10, and 11. The researcher said the vulnerability allows a hacker to create a malformed WAV, SND, or MIDI file to compromise a PC running Windows Vista or Windows XP, which would allow remote code execution.

Microsoft said that the security researcher making the initial report did not contact us or work with us directly but instead and posted the report to a public mailing list. After that report, other organizations picked the report and claimed that the issue was a code execution vulnerability in Windows Media Player. We have found no possibility for the same issue.

Microsoft said that the flaw of the Windows Media Player had already been identified during routine code maintenance and also corrected in Windows Server 2003 Service Pack 2.

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <b>
  • Lines and paragraphs break automatically.
  • You may insert videos with [video:URL]

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.

Most Popular

Most Commented

Most Emailed

Follow Us

www.tecspeak.com © 2010 Tecspeak.com