|
|
|
|
| |
Credit:
The information has been provided by microsoft and Yamata Li.
The original article can be found at: http://www.microsoft.com/technet/security/bulletin/ms09-052.mspx
|
| |
Vulnerable Systems:
* Windows 2000
Windows XP
Windows XP Professional x64
Windows Server 2003
Windows Server 2003 x64
Immune Systems:
* Windows Server 2003 with SP2
* Windows Server 2008
This security update resolves a privately reported vulnerability in Windows Media Player. The vulnerability could allow remote code execution if a specially crafted ASF file is played using Windows Media Player 6.4. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This security update is rated Critical for Microsoft Windows Media Player 6.4 when installed on all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerability by correcting the manner in which Windows Media Player 6.4 handles specially crafted ASF files.
Patch Availability:
http://go.microsoft.com/fwlink/?LinkID=40747
CVE Information:
CVE-2009-2527
|
|
|
|
|
