Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Windows Media vulnerability could allow remote code execution


Report ID: MS201112006
Date Published: 14 December 2011

Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote


Affected Product/Component:

Windows XP
Windows Vista
Windows 7




Summary

A vulnerability in Windows Media Player and Windows Media Center could lead to arbitrary code execution upon successful exploit using a specially crafted .dvr-ms file.



Detailed Description

Microsoft has issued a security update for Windows Media Player and Windows Media Center to address a vulnerability caused by improper parsing of .dvr-ms files. The update introduces modification on the way that Windows Media Player and Windows Media Center open specially crafted .dvr-ms files. Users are recommended to install this update as a protection against potential exploit.

 



CVE Reference

CVE-2011-3401



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-092)



Online Virus Scanner

 
Run a quick online virus scan of your computer.