Author Topic: Another serious zero-day hole in Windows Media Player 9 and 11!  (Read 2945 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33932
  • malware fighter
Another serious zero-day hole in Windows Media Player 9 and 11!
« on: December 28, 2008, 03:03:12 PM »
Hi malware fighters,

Another serious zero-day day hole in Windows Media Player 9 and 11 published on the web. Through a prepeared Wav, SND of MIDI file an attacker can take over the OS. Tested on fully patched XP and Vista.  POC exploit can be found here: http://www.securitytracker.com/alerts/2008/Dec/1021495.html
The malicious files can be embedded in a website. M$ has not come forward with a reaction to the publication, neither has Jeff Jones. For the moment I use VLC Media Player,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48652
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Another serious zero-day hole in Windows Media Player 9 and 11!
« Reply #1 on: December 28, 2008, 03:23:17 PM »
Thanks for the info Damien.  :)
This is another good reason to use an alternate program to play these files.
My choice for a long time,  has been jetAudio 
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v24H2 64bit, 32 Gig Ram, 1TB SSD, Avast Free 24.4.6112, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33932
  • malware fighter
Re: Another not-so-serious zero-day hole in Windows Media Player 9 and 11!
« Reply #2 on: December 29, 2008, 11:08:11 PM »
Hi bob3160,

Sometimes Microsoft is falsely accused and well here. The security researcher overplayed his hand, the hole is not that dangerous. It can crash the Media Player, yes it can, but you can then start the player again, and then it is only a nuisance:
http://blogs.technet.com/swi/archive/2008/12/29/windows-media-player-crash-not-exploitable-for-code-execution.aspx
Will be addressed in a new service pack, the fuzzers were already aware of this one,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

samuelvirucide

  • Guest
Re: Another serious zero-day hole in Windows Media Player 9 and 11!
« Reply #3 on: December 30, 2008, 10:31:45 AM »
 ;D Hi Polonus,

  This will add to your explanation::http://msn-cnet.com.com/8301-1009_3-10129682-83.html?tag=newsEditorsPicksArea.0  :D ;)