Yet Another Media Player Vulnerability
Flaw detected in Windows Media Player
By JAIKUMAR VIJAYAN
(November 20, 2001)
A buffer-overflow vulnerability in Microsoft Corp.'s Windows Media Player software could let malicious attackers run code of their choice on a victim's system, Microsoft warned in an advisory today.
Microsoft is advising users to immediately apply a patch that takes care of not just the latest threat but also a slew of other vulnerabilities -- some of them still undisclosed -- that cumulatively pose a "critical" security risk for users.
The latest buffer-overrun vulnerability affects Windows Media Player 6.4, 7 and 7.1 and Windows Media Player for Windows XP.
A coding flaw exists in the Advanced Streaming Format (ASF) that's used by Windows Media Player for storing streaming media data and sending it over networks, according to Microsoft. The flaw makes it possible for attackers to send malformed ASF files that could either crash a system or let malicious hackers take administrative control of it.
The flaw can successfully be exploited only by the user actually opening and playing the ASF file, Microsoft said. And there is no capability to exploit this vulnerability via e-mail or a Web page, the company said.
The cumulative patch that has been released for this latest hole also addresses other flaws that are more dangerous. Some of these flaws have already been disclosed by Microsoft, and patches for them have been released. The patch can be downloaded from Microsoft's advisory page.
However, Microsoft said it has found other security flaws in Windows Media Player, but it hasn't released the details. In the worst case, these undisclosed flaws could let a malicious user run code on a victim's system that allows them to attack via e-mail or a Web page, the company warned. Today's patch addresses these flaws as well, Microsoft said.
The problem is that undisclosed vulnerabilities pose a serious concern for users, said Russ Cooper, an analyst at TruSecure Corp., a Reston, Va.-based security firm.
"You don't know what to assume. ... You simply cannot judge your risk" without having more details on these vulnerabilities, Cooper said. "Microsoft seems to be leaning more and more toward a 'patch immediately or else' strategy that's not good for users."
The latest buffer-overflow problem, which is considered a basic programming error, was precisely the kind of issue that Microsoft said it would address with its recently announced Secure Windows initiative, said John Pescatore, an analyst at Stamford, Conn.-based Gartner Inc.
"What's really depressing about this flaw is that it shows they are still making the same stupid errors," Pescatore said.
Patch is available: http://www.microsoft.com/technet/tre...n/MS01-056.asp