Windows Media Player holes could expose PC

A flaw in an antipiracy feature in Microsoft's Windows Media Player could put systems at risk of hacker attacks, Microsoft warned in a security bulletin Wednesday.

All the currently supported versions of Windows Media Player, versions 6.4, 7.1 and Windows Media Player for Windows XP, are flawed in the way they handle a license request for certain secure media files. An attacker could exploit this flaw to hijack a user's system and take any action a user is capable of, Microsoft said.

The media player, when it requests license information from a server, erroneously discloses the location on the user's system of the Internet Explorer (IE) cache, which is used by IE to temporarily store files. An attacker could use this information to bypass IE's security mechanisms and run executable files in the cache, Microsoft said.

IE places information that a Web page or an HTML (Hypertext Markup Language) e-mail needs to have stored on the user's system -- a file, for example -- in the cache and retrieves it later for handling. One way the cache is protected against direct access is by using dynamic folder names. The cache should only be accessible by IE, Microsoft said.

An attacker could exploit the vulnerability by sending an HTML e-mail with a specially formed Windows Media file or by hosting the file on a Web site. In both cases, the IE cache location could be returned to the attacker's site once the file is played, at which point the attacker could try to run an executable in the cache, Microsoft said.

Microsoft released a software patch to fix this problem. The patch, called a cumulative patch, also includes all previously released patches for Windows Media Player and two other new patches that fix less broad security problems.

Microsoft does rate a newly patched privilege elevation vulnerability in Windows Media Player 7.1 when run on Windows 2000 "critical." A malicious user could exploit the flaw in a part of Media Player that deals with storage devices to increase his privilege level on a Windows 2000 system. The user would need to write a special software program to do that, Microsoft said.

The third newly patched vulnerability could allow an attacker to run a script of his choice on the user's computer and affects only Windows Media Player 7.1. Microsoft deems this a "low" risk vulnerability, as a successful attack requires the user to follow a specific series of actions in exact order.

More information about the flaws and the patch, which Microsoft urges users to apply immediately, can be found at: http://www.microsoft.com/technet/security/bulletin/MS02-032.asp


Joris Evers

Computerworld