Windows Media Player security flaw found!

Question

Microsoft found a flaw in Windows Media Player when downloading skins.

Answer

This question was answered on May 14, 2003. Much of the information contained herein may have changed since posting.

A flaw exists in the way Windows Media Player downloads skin files The flaw could allow an attacker to force a file masquerading as a skin file into a known location on a user's machine This could then lead to malicious executable code on the victims system

Microsoft encourages all customers to review the Security Bulletins to keep optimal security The risk is considered ‘critical’ which is the highest security breach they have

An attacker could then host this malicious web page on a web site, or could send a link to the user via e-mail The vulnerability themselves provide no way to force a user to a web site

The affected versions are: Windows Media Player 7.1 & XP (version 8.0)

Download locations for this patch:

The patches for all Windows systems are available via:

Windows Update

The complete technical details are posted at the Microsoft web site:

http://www.microsoft.com/technet/security/bulletin/MS03-017.asp</a></b>

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Michal of Data Doctors on May 14, 2003