OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site. Windows Media Player 6.4 shipped as part of both Windows ME and Windows 2000, and Windows Media Player for Windows XP ships as part of Windows XP. No, create an account now. However, Microsoft said it has found other security flaws in Windows Media Player, but it hasn't released the details. have a peek here
The portion of Windows Media Player 6.4 that handles ASF files doesn't properly check inputs before processing them. What does the patch do? Style Default Style Contact Us Help Home Top RSS Terms and Rules Copyright © TechGuy, Inc. The flaw makes it possible for attackers to send malformed ASF files that could either crash a system or let malicious hackers take administrative control of it. https://technet.microsoft.com/en-us/library/security/ms01-056.aspx
Corr. 2010-10-13 2011-10-04 9.3 None Remote Medium Not required Complete Complete Complete Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which These alerts contain information compiled from diverse sources and provide comprehensive technical descriptions, objective analytical assessments, workarounds and practical safeguards, and links to vendor advisories and patches. Yes. NOTE: since the only known attack vector requires command line access, this may not be a vulnerability. 40 CVE-2002-1844 +Priv 2002-12-31 2008-09-05 7.2 Admin Local Low Not required Complete Complete Complete
It affects only Windows Media Player 6.4, and can only be exploited by the user opening and deliberately playing an ASF file. Windows XP users should visit Windows Update to install the latest fixes. Any use of this information is at the user's risk. https://www.neowin.net/forum/topic/5658-critical-update-windows-media-player-asf-processor-contains-uncheck/ Windows Media Player for Windows XP includes components of Windows Media Player 6.4, but they are not affected by the ASF buffer overrun or by any of the other vulnerabilities discussed
Show Ignored Content As Seen On Welcome to Tech Support Guy! This site is completely free -- paid for by advertisers and donations. Analysis This specific vulnerability is only likely to cause the user's Media Player to fail. The player can be restarted without damaging the player or system. The ability of an attacker to Fixed Software Microsoft has released patches for Media Player 6.4, 7 and 7.1 at the following direct download link: Media Player Microsoft recommends that users upgrade their Windows XP system with
Sorry There was an error emailing this page. If you're not already familiar with forums, watch our Welcome Guide to get started. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. This patch or upgrade also includes fixes for more severe vulnerabilities, which were previously released individually, and additional vulnerabilities that Microsoft discovered during research and development of these corrections. These previous vulnerabilities were
This would pose a significant security threat. navigate here Frequently asked questions What vulnerabilities are eliminated by this patch? Security Advisories and Bulletins Security Bulletins 2001 2001 MS01-056 MS01-056 MS01-056 MS01-060 MS01-059 MS01-058 MS01-057 MS01-056 MS01-055 MS01-054 MS01-053 MS01-052 MS01-051 MS01-050 MS01-049 MS01-048 MS01-047 MS01-046 MS01-045 MS01-044 MS01-043 MS01-042 MS01-041 What's the scope of these additional vulnerabilities?
By creating a specially malformed ASF file and inducing a user to play it, an attacker could overrun the buffer, with either of two results: in the simplest case, Windows Media a Reston, Va.-based security firm. "You don't know what to assume. ... If the attacker guessed wrong, the player would fail, but this wouldn't pose a security threat. http://midsolutions.org/windows-media/windows-media-player-11-media-sharing-vista-to-xp.html Amongst other things, this patch fixes a vulnerability that could allow a malformed Advanced Streaming Format (.ASF) file to run arbitrary code on affected systems.
This patch eliminates all known security vulnerabilities affecting Windows Media Player 6.4: A vulnerability involving the processor for Advanced Streaming Format (ASF) files The vulnerabilities previously discussed in Microsoft Security Bulletins AnandTech Forums: Technology, Hardware, Software, and Deals Home Forums > Software > Software for Windows > Home Guides Registry Guide Security Guide Software Guide Scripting Guide Search Support About Us Integ.
Stay logged in Sign up now! We appreciate your feedback. Staff Online Now davehc Trusted Advisor Advertisement Tech Support Guy Home Forums > Software & Hardware > Multimedia > Home Forums Forums Quick Links Search Forums Recent Posts Members Members Quick Microsoft Customer Support Microsoft Community Forums United States (English) Sign in Security TechCenter Home Security Updates Tools Learn Library Support Weâ€™re sorry.
NetApp for enterprise flash storage Considering enterprise flash array storage? All rights reserved. Copyright 2001, Oxygen3 by Panda Software www.pandasoftware.com Tools: Print Email Link Comments (0) Related Source Profile: Panda Software Related Topic: Computer Put Computer Headlines on this contact form About Us Newsroom Careers At Adobe Privacy Security Corporate Responsibility Customer Showcase Investor Relations Events Contact Us Security Bulletins and Advisories This page contains important information regarding security vulnerabilities that could
In addition, some affect components of Windows Media Player 6.4 that, for purposes of backward compatibility, ship with Windows Media Player 7, and 7.1. Today's patch addresses these flaws as well, Microsoft said.