Security flaw touches Windows Media Player, IE

["Fergie (Paul Ferguson)" <fergdawg () netzero net>]

Via C|net News.

[snip]

A "critical" flaw that affects both Microsoft's Windows Media Player and Internet Explorer has been uncovered, a 
security company reported late Monday.

The security flaw, which is found in the default installations of Media Player and the IE browser, could let attackers 
launch a remote execution of code, according to an advisory posted by eEye Digital Security.

Systems affected by the flaw include Windows XP with Service Pack 1 and Service Pack 2, Windows NT, and all versions of 
Windows 2000.

Although eEye does not believe the vulnerability is "wormable," the company rated it "critical" because it could allow 
for a remote execution of code and affects installations of Media Player and IE at their default settings, an eEye 
representative said.

Microsoft could not be immediately reached for comment.

[snip]

Article:
http://news.com.com/Security+flaw+touches+Windows+Media+Player,+IE/2100-1002_3-5899448.html

eEye advisory:
http://www.eeye.com/html/research/upcoming/20051017.html

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.