Windows Media vulnerabilities could allow remote code execution
Report ID: MS201201004
Date Published: 11 January 2012
Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote
Affected Product/Component:
Windows Multimedia Library and/or DirectShow
- in -
Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Summary
Two vulnerabilities, both caused by improper handling of specially crafted media files, could lead to arbitrary code execution on an affected system.
Detailed Description
Microsoft has issued a security update to address two reported vulnerabilities, each of which could be exploited by an attacker to execute code and take control of an affected system. The first vulnerability occurs when Windows Media Player fails to handle a specially crafted MIDI file, while the second results from filters in DirectShow failing to properly handle specially crafted media files.
These issues have been fixed by correcting the way Windows Media Player handles MIDI files and the way DirectShow parses media files. Users are advised to install the latest update to protect their systems from potential exploitation.
CVE Reference
CVE-2012-0003
CVE-2012-0004
Solution
Install the latest security patch for the applicable system, available for download from https://technet.microsoft.com/en-us/security/bulletin/ms12-004




