Two critical flaws in Windows Media Player and Internet Explorer, could render users vulnerable to attacks, Symantec Security Response said on Tuesday.
A vulnerability in various versions of Windows Media Player has the potential for remote code execution by processing malicious bitmap images embedded in Windows Media Player skins.
Even though this vulnerability is within the media player program, it could be exploited through Microsoft Internet Explorer because users often get media that is hosted on the Web.
When content is accessed this way, Microsoft Internet Explorer typically starts the media player automatically to open the media file, which could allow attackers to host the malicious skin file on a Web page as method of attack.
While a direct Web-based attack scenario is not present for Windows Media Player 7.1 on Windows 2000 or Windows Media Player 8 on Windows XP SP1, exploitation could still occur if the skin file is manually downloaded and installed.
This vulnerability affects Windows Media Player 7.1 on Windows 98/98SE/ME/2000, Windows Media Player 8 on Windows XP (up to and including SP1), Windows Media Player 9 on Windows 2000/XP SP2/Server 2003, Windows Media Player 10 on 98/98SE/ME/XP (up to and including SP2).
Cumulative Security Update for Internet Explorer
This update concerns a WMF vulnerability in Internet Explorer that could result in remote code execution and complete system compromise. The vulnerability became public last week, and Microsoft issued a security advisory acknowledging the vulnerability. The vulnerability is limited to Internet Explorer 5.01 and 5.5 running on Windows 2000 and ME platforms.
“Application vulnerabilities, such as the issue in Windows Media Player, are a growing cause of concern,” said Oliver Friedrichs, senior manager, Symantec Security Response.
“It is important that Internet users be cautious, regularly update vulnerable applications, and run up-to-date Internet security software.”
Symantec recommends the following actions for enterprises:
* Evaluate the possible impact of these vulnerabilities to critical systems.
* Plan for required responses including patch deployment and implementation of security best practices using the appropriate security and availability solutions.
* Take proactive steps to protect the integrity of networks and information.
* Verify that appropriate data backup processes and safeguards are in place and effective.
* Remind users to exercise caution in opening all unknown or unexpected e-mail attachments and in following Web links from unknown or unverified sources.
Symantec recommends the following actions for consumers:
* Regularly run Windows Update and install the latest security updates to keep software up to date.
* Avoid opening unknown or unexpected e-mail attachments or following Web links from unknown or unverified sources.
* Consider using an Internet security solution such as Norton Internet Security to protect against today’s known and tomorrow’s unknown threats.
Additional information can be found at this Web site
Symantec’s security experts will closely monitor further information related to these vulnerabilities and will provide updates and security content as necessary.