Microsoft Corp. has denied reports that a security hole in its Windows Media Player application could be exploited to execute remote code on user’s PC.
In its post to Security Vulnerability Research and Defense blog, the software giant has notified that it has investigated the reports that appeared on the web last week, and claimed that the reports were “false”.
The investigations were triggered by a report published on the Bugtraq by researcher Laurent Gaffie, and reported a serious vulnerability in Windows Media Player version 9, 10, and 11.
However, Microsoft acknowledged that the code published on Bugtraq could crash the Windows Media Player, but claimed that it doesn’t affect the system at all.
Incidentally, Gaffie noted that the vulnerability could enable hackers to create maliciously formed SND, MIDI, and WAV files to compromise PCs with Windows XP and Vista operating systems.
Along with denial, Microsoft has condemned Gaffie for publishing security claims without first addressing it to the company, and expressed its dissatisfaction by saying “If he had, we would’ve done the exact same investigation we just completed”.
Later on Microsoft found that the so called flaw was actually a part of “ongoing code maintenance”, which has already been tackled in its Windows Server 2003 Service Pack 2.
Go To Page 2 for our comments and more related links
Our Comments
Windows Media Player is one of the most popular software as it is bundled by default with Windows. So no wonder that it is a preferred target for cybercriminals. Microsoft is possibly downplaying the security flaw to avoid a manic rush by criminals to exploit it over the extended holiday period. Expect a critical patch on Tuesday the 6th of January though during Patch Thuesday.
Related Links
Microsoft refutes Windows Media Player vulnerability
(Network World)
Windows Media Player flaw denied
(The Register)
Microsoft denies vulnerability in Windows Media Player
(CNet)
Microsoft denies the severity of a Media Player exploit
(Beta News)
Microsoft downplays Windows Media Player bug
(Computer World)
No Vulnerability in Windows Media Player, Microsoft Says
(CIO Today)
Microsoft downplays Windows Media Player bug
(Tech Spot)
Microsoft denies a major bug in Windows Media Player
(Tech Whack)
Tags: Digital Media, Hacking, Microsoft, Vulnerabilities, Windows Media Player
Add Your Comment
Follow on Twitter
More Articles
News
Hot Topics
Office web is the latest addition to Microsoft's Office business suite and is set to be the company's most revolutionary version.
Microsoft's 14th version of its award winning, multi-billion dollar cash cow business suite, is the company's most ambitious to date.
Spotify is certainly one of the most popular online music websites in the world which is a feat for a service that was officially launched only in February 2009
Featured Content
- The New Voice of the CIO. 158 CIOs in midsized businesses across 31 countries reveal their insights and vision for enhancing
competitiveness over the next five years.
Download Document
Customer Case Studies
- How a wine wholesaler improved the flow of information
Download full case study
- The server that made an entire university smarter
Download full case study
Videos
Latest Tweets
Comments