scoutt
01-08-2009, 08:01 PM
(December 29 & 30, 2008)
Microsoft has played down reports of a security flaw in Windows Media
Player, saying the problem is a "reliability issue with no security risk
to customers." Researchers maintain the integer overflow vulnerability
could be exploited to inject malicious code, and have published
proof-of-concept code to demonstrate the attack. In a Microsoft blog
post, the company expressed its disappointment with the researcher's
decision to publicize his assertions without first contacting the
company.
http://www.csoonline.com/article/473114/Microsoft_Downplays_Windows_Media_Player_Bug?source=nlt_csonewswatch
http://www.theregister.co.uk/2008/12/30/wmp_bug_spat/
http://news.cnet.com/8301-1009_3-10129682-83.html?part=rss&subj=news&tag=2547-1009_3-0-20
http://blogs.technet.com/msrc/archive/2008/12/29/questions-about-vulnerability-claim-in-windows-media-player.aspx
Microsoft has played down reports of a security flaw in Windows Media
Player, saying the problem is a "reliability issue with no security risk
to customers." Researchers maintain the integer overflow vulnerability
could be exploited to inject malicious code, and have published
proof-of-concept code to demonstrate the attack. In a Microsoft blog
post, the company expressed its disappointment with the researcher's
decision to publicize his assertions without first contacting the
company.
http://www.csoonline.com/article/473114/Microsoft_Downplays_Windows_Media_Player_Bug?source=nlt_csonewswatch
http://www.theregister.co.uk/2008/12/30/wmp_bug_spat/
http://news.cnet.com/8301-1009_3-10129682-83.html?part=rss&subj=news&tag=2547-1009_3-0-20
http://blogs.technet.com/msrc/archive/2008/12/29/questions-about-vulnerability-claim-in-windows-media-player.aspx