1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Windows Media Player Vulnerability: Nov 20

Discussion in 'Multimedia' started by eddie5659, Nov 20, 2001.

Thread Status:
Not open for further replies.
  1. eddie5659

    eddie5659 Moderator Malware Specialist Thread Starter

    Joined:
    Mar 19, 2001
    Messages:
    35,977
    Hiya

    One of the streaming media formats supported by Windows Media
    Player is Advanced Streaming Format (ASF). A security vulnerability
    occurs in Windows Media Player 6.4 because the code that processes
    ASF files contains an unchecked buffer.

    By creating a specially malformed ASF file and inducing a user to
    play it, an attacker could overrun the buffer, with either of two
    results: in the simplest case, Windows Media Player 6.4 would fail;
    in the more complex case, code chosen by the attacker could be made
    to run on the user's computer, with the privileges of the user.
    The scope of this vulnerability is rather limited. It affects only
    Windows Media Player 6.4, and can only be exploited by the user
    opening and deliberately playing an ASF file. There is no
    capability to exploit this vulnerability via email or a web page

    Affected Software:

    Windows Media Player 6.4
    Windows Media Player 7
    Windows Media Player 7.1
    Windows Media Player for Windows XP

    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms01-056.asp

    Regards

    eddie
     
  2. Davey7549

    Davey7549

    Joined:
    Feb 28, 2001
    Messages:
    11,584
    Thanks Eddie
    In the details section of the update it suggests anyone using the aforementioned versions should update not just 6.4 since previously downloads are not patched. It is kind of confusing when they state in the body only 6.4! I am running 7.1 and did the update.
    Dave
     
  3. eddie5659

    eddie5659 Moderator Malware Specialist Thread Starter

    Joined:
    Mar 19, 2001
    Messages:
    35,977
    Thanks Dave

    I posted that in my lunch hour, so didn't actually have the time to fully expand all the bits in the Technet. I'll have a deeper look tonight.

    Regards

    eddie
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/59076

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice