On The Insider: Cougar Town Production Postponed
BNET Business Network:
BNET
TechRepublic
ZDNet
71 TalkBacks

By Greg Sandoval
Posted on ZDNet News: Feb 17, 2006 2:55:00 AM

Two examples of computer code that exploit a flaw in Windows Media Player have become available only days after Microsoft released a patch to fix the bug.

The "proof-of-concept" exploits that take advantage of a flaw in the media player were posted on the Web over the past couple of days. The flaw, rated "critical" by Microsoft, could enable an attacker to seize control of a vulnerable computer system.

The appearance of proof-of concept code is usually a sign that actual attacks are not far off. Microsoft, when it released its patch Tuesday, urged users to upgrade their systems as soon as possible.

Microsoft recently issued patch MS06-005 as part of its monthly security update. The vulnerability in Windows Media Player can compromise a system through malicious images embedded in the player.

Versions of Windows Media Player affected by the bug include 7.1 through 10. The vulnerability was also tagged as "critical" by the French Security Incident Response Team, or FrSIRT, a research outfit that published one of the two exploits.

Microsoft announced the release of seven fixes on Tuesday, including a "critical" patch for a Windows Meta File vulnerability in Internet Explorer. It exists only in IE 5.01 with Service Pack 4 on Windows 2000 and IE 5.5 with Service Pack 2 on Windows ME, Microsoft said in the security advisory.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 71 Talkback(s)
CEO's read?
HA! They pay people to read for them......
Well either that or they are puppets.... (Read the rest)
Posted by: Shelendrea Posted on: 02/20/06 You are currently: a Guest | | Terms of Use
I've already patched, so I'm good to go.  Grayson Peddie | 02/17/06
Message has been deleted.  Nix_0S_Fan | 02/17/06
unlike this witty post  corticus | 02/17/06
Are you 12 years old?  balsover | 02/17/06
Message has been deleted.  Nix_0S_Fan | 02/17/06
You need a hobby  Shelendrea | 02/17/06
Ha! I dont get it and its still funny!  Cayble | 02/17/06
And your post makes you look dignified by comparison?  HypnoToad | 02/17/06
Help me understand......You're not a stroke how?  chrislovesdana | 02/17/06
Patched it Hmm! Well I one up'ed you  IceTheNet@... | 02/17/06
I'd like to know more just for accuracy sake...  bob2cam | 02/17/06
Chicken or Egg?  Mr. Roboto | 02/17/06
Attack code out for latest Microsoft flaw  Loverock Davidson | 02/17/06
Sure, when you pay them enough.  olePigeon | 02/17/06
Pay them?  Loverock Davidson | 02/17/06
I love it too, Loverock!  Grayson Peddie | 02/18/06
You will never get  djc1309@... | 02/17/06
If I were managing a thousand computers  georgep_z | 02/17/06
If you were managing  Loverock Davidson | 02/17/06
If you were managing anything  I'm Ye, the MS SHILL . | 02/17/06
and it's a shame  Shelendrea | 02/17/06
Yeah!  Loverock Davidson | 02/17/06
didn't say there was  Shelendrea | 02/17/06
LOL  Loverock Davidson | 02/17/06
LOL indeed  mdsmedia | 02/18/06
You have no idea what you're talking about  Chad_z | 02/17/06
I do, you don't  Loverock Davidson | 02/17/06
it's apparent you aren't enterprise material...  Monkey_MCSE | 02/17/06
I think I am thanks  Loverock Davidson | 02/17/06
you are truely amusing sometimes...  Monkey_MCSE | 02/19/06
Loverock, don't listen to Linux fools.  Grayson Peddie | 02/19/06
Loverock you're good at saying nothing  mdsmedia | 02/18/06
rude  Shelendrea | 02/17/06
Not Rude when you are correct  djc1309@... | 02/17/06
No it's rude  Shelendrea | 02/17/06
Walter: Am I wrong?  Code Poet | 02/17/06
Your unamed "recent article"  LoCal | 02/17/06
Important info left out  Loverock Davidson | 02/17/06
You still haven't named your "recent study".  LoCal | 02/18/06
WSUS  jhunt302 | 02/17/06
Well, your a wee bit out of touch then  Cayble | 02/17/06
I manage over 1,000  Suicida| | 02/17/06
Why do they allow this?  marbing@... | 02/17/06
You really dont know???  Cayble | 02/17/06
you're right  Shelendrea | 02/17/06
Its all about techno-economics  corticus | 02/17/06
Really?  NonZealot | 02/17/06
Worse, big companies have hijacked Linux for their own wants.  HypnoToad | 02/17/06
Wrong  bhodges00 | 02/17/06
Apple richer than MS? hmmm...  corticus | 02/17/06
Sorry if you read into it wrong.  bhodges00 | 02/17/06
Umm no  Rick_K | 02/20/06
you forgot something  Code Poet | 02/17/06
It only seems that way.  Suicida| | 02/17/06
Please...  TheCrow_z | 02/17/06
it wouldn't be fixed  Scott W | 02/17/06
In other news, rain starts just after umbrellas invented  marksashton | 02/17/06
Absolutly  Cayble | 02/17/06
Automatic if you want to take blind chances.  HypnoToad | 02/17/06
Not really  Suicida| | 02/17/06
they don't  corticus | 02/17/06
reference  corticus | 02/17/06
Sometimes I wonder....  Betelgeuse58 | 02/17/06
Damn, Another Reboot!  nikoli | 02/17/06
Okay, I apologize, you bad guys go back to messing with Mac Chat  Boot_Agnostic | 02/17/06
Message has been deleted.  Anton Philidor | 02/17/06
And in a follow-up announcement...  JDThompson | 02/17/06
Clueless Coalition disbanded.  Anton Philidor | 02/17/06
LOL!!!!!!!!!  george_ou | 02/19/06
What to do  toodevastate | 02/17/06
CEO's read?  Shelendrea | 02/20/06

What do you think?

advertisement
advertisement

White Papers, Webcasts, and Downloads

SmartPlanet

Click Here