Microsoft confirms a new bug in WMP
Microsoft has confirmed a new buffer overflow security error discovered in Windows Media Player.
This security bug was discovered by eEye Digital Security and announced to Microsoft two weeks ago and warned there could be an outbreak of new exploit code for WMP.
Fortunately, there are still no exploits available on the Internet.
eEye said the new security bug in WMP originated from the function of processing ASX playlists in XML format. This error can be exploited to trick WMP into allocating a large amount of caching for handling a long ASX file name path string and causing a buffer overflow error.
This is a necessary condition to help an exploit code to work and help hackers gain control or execute binary code on a system that has errors.
In fact, the buffer overflow error in the ASX file handling function was detected in WMP from version 6.4. However, so far this error has not been disclosed to the outside.
The Microsoft Security Response Center said it has also investigated the possibility of generating code-exploiting methods. However, the research results have not yet been published.
And eEye still insists that this error can be exploited by malicious code. Security firm Secunia is also pleased with this view and puts new bugs in Windows Media Player at "extremely dangerous" level.
Hoang Dung
- Microsoft war - the source opens to the page
- iTunes is not yet fully compatible with Vista
- Microsoft enters the market
- 5 best free alternatives for Microsoft Access
- Get familiar with Microsoft Excel
- The EU threatened to increase the penalty of Microsoft
- Bill Gates will leave Microsoft in 2008
- 9 best alternatives to Microsoft Word
- Just a few words of description, Microsoft AI has drawn a beautiful picture
- Microsoft upgraded Office Compatibility Pack
- Microsoft launches product
- Use old versions of Office to open and save files created by Office 2007