Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43434
  • Total Topics: 16528
  • Online today: 3114
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 2
Guests: 3060
Total: 3062









Author Topic: Microsoft Refutes Windows Media Player Vulnerability  (Read 6780 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Microsoft Refutes Windows Media Player Vulnerability
« on: 30. December 2008., 21:01:06 »


Microsoft is denying that an alleged vulnerability affecting its Windows Media Player software, identified by a security researcher on Christmas Eve, is a security risk for PC users.

On a company blog Monday, Microsoft said the claims posted on SecurityFocus's Bugtraq site on Dec. 24 that a bug in Windows Media Player 9, 10 or 11 on Windows XP or Vista allowed remote code execution are "false." Dec. 24 is known in much of the world as Christmas Eve, the night before the annual Christmas holiday.

"We've found no possibility for code execution in this issue," according to a Microsoft Security Response Center blog entry.

Microsoft acknowledged that the code posted on Bugtraq does crash Windows Media Player, Microsoft's software for playing music and video files, but the application can be restarted "right away" and doesn't affect the rest of the system.

Microsoft also in the blog entry criticizes the security researcher, identified as Laurent GaffiƩ on the Bugtraq post, for not reporting the vulnerability to the company when it was first found so the claim could be dismissed earlier.

"If he had, we would've done the exact same investigation we just completed," according to the blog entry. "When we were done, we would have let them know what we found, asked him if he thinks we might have missed something, continued the investigation if there was more information and ultimately closed the case if we didn't find a vulnerability. This is how we handle all of the cases we investigate with responsible researchers every year."

Microsoft said it began investigating the report of the vulnerability as soon as it was posted late Christmas Eve, and that researchers worked over the holiday period to look into the situation.

Microsoft ultimately discovered that the so-called vulnerability was part of "ongoing code maintenance" and that it's already been addressed in Windows Server 2003 Service Pack 2. Microsoft plans to address the problem in future versions of its software.

(PC World)

Samker's Computer Forum - SCforum.info

Microsoft Refutes Windows Media Player Vulnerability
« on: 30. December 2008., 21:01:06 »

cicurug

  • SCF Newbie
  • *
  • Posts: 3
  • KARMA: 1
Re: Microsoft Refutes Windows Media Player Vulnerability
« Reply #1 on: 06. August 2009., 09:00:25 »
wow it's like great.. ;D

Samker's Computer Forum - SCforum.info

Re: Microsoft Refutes Windows Media Player Vulnerability
« Reply #1 on: 06. August 2009., 09:00:25 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023