Advertisement
Promo

Security threats Toolkit

Exploit code out for Windows flaw

Greg Sandoval CNET News

Published: 17 Feb 2006 09:45 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Two examples of computer code that exploit a flaw in Windows Media Player have become available only days after Microsoft released a patch to fix the bug.

The "proof-of-concept" exploits that take advantage of a flaw in the media player were posted on the Web over the past couple of days. The flaw, rated "critical" by Microsoft, could enable an attacker to seize control of a vulnerable computer system.

The appearance of proof-of-concept code is usually a sign that actual attacks are not far off. Microsoft, when it released its patch on Tuesday, as ever urged users to upgrade their systems as soon as possible.

Microsoft recently issued patch MS06-005 as part of its monthly security update. The vulnerability in Windows Media Player can compromise a system through malicious images embedded in the player.

Versions of Windows Media Player affected by the bug include 7.1 through 10. The vulnerability was also tagged as "critical" by FrSIRT, a research outfit that published one of the two exploits.

Microsoft announced the release of seven fixes on Tuesday, including a "critical" patch for a WMF vulnerability in Internet Explorer. It exists only in IE 5.01 with Service Pack 4 on Windows 2000 and IE 5.5 with Service Pack 2 on Windows ME, Microsoft said in the security advisory.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
86 out of 162 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:












Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Official Organizations Losing Data

How does this article from earlier today make you feel? How many more government, health service, or military officials are going to lose pen drives, DVDs, USB hard disks and even entire... More

1 comment

Twitter hack was DNS redirect

Twitter has said an attack on Thursday which took the site offline for many users was the result of a DNS redirect. A group calling itself the Iranian Cyber Army redirected users... More

1 comment

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Win a BlackBerry with Vlingo voice recognition

Win a BlackBerry with Vlingo voice recognition

What is ZDNet UK's usual tagline?

Competition closes - 14 Jan 2010


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters