Windows Media Player Has More Security Flaws

Over last week's Thanksgiving holiday, Microsoft (www.microsoft.com)announced two security flaws in Windows Media Player. These new vulnerabilities come just two months aftera previous Windows Media security flaw was identifiedand patched by Microsoft.

The vulnerabilities that were discovered last week area ".ASX Buffer Overrun" and ".WMS Script Execution"flaw.

The ".ASX Buffer Overrun" vulnerability allows hackersto run files when users click on an ASX file. Thesecond flaw, ".WMS Script Execution", has to do withWindows Media Player's skins option. Custom skinfiles (.WMS) can be executed automatically, and can bemade to execute rouge ActiveX controls.

The affected players are Microsoft Windows MediaPlayer 6.4 and 7.

The vulnerabilities were reported by AtStake(www.atstake.com)and GFI (www.gfi.com)

"This security problem is exploited by embedding aJavaScript (.js) file within a Media Player skin file(.wmz) which can also be embedded in a Windows MediaDownload file (.wmd)," said GFI security engineer,Sandro Gauci. "This does not require the user to runany attachments since the Media Player file isautomatically executed using an iframe tag or awindow.open() with in a (script) tag." GFI is adeveloper of e-mail security software.

Microsoft released one software patch for the two newunrelated flaws. Users can read the security bulletinand download the patch atwww.microsoft.com/technet/security/bulletin/ms00-090.asp