Proof-of-concept code that exploits a critical bug in Windows Media Player has gone public, Microsoft Corp. warned users late Thursday.
A vulnerability in Media Player 9 and 10 can be used by attackers to grab control of a PC, security researchers warned. A malicious .asx-formatted playlist, if opened by an unsuspecting user, could completely compromise the machine.
"We're aware of proof-of-concept code published publicly affecting Windows Media ASX file format [and] we are currently investigating," wrote Alexandra Huft, a security program manager with the Microsoft Security Response Center, on the team's blog. "We are not currently aware of attempts to exploit this vulnerability," she added.
Because .asx playlists open automatically within a browser, hackers would only need to coax users to a malicious Web site to snatch their systems. Microsoft has offered no workarounds or other tactical advice.
View: TechWeb Story
A vulnerability in Media Player 9 and 10 can be used by attackers to grab control of a PC, security researchers warned. A malicious .asx-formatted playlist, if opened by an unsuspecting user, could completely compromise the machine.
"We're aware of proof-of-concept code published publicly affecting Windows Media ASX file format [and] we are currently investigating," wrote Alexandra Huft, a security program manager with the Microsoft Security Response Center, on the team's blog. "We are not currently aware of attempts to exploit this vulnerability," she added.
Because .asx playlists open automatically within a browser, hackers would only need to coax users to a malicious Web site to snatch their systems. Microsoft has offered no workarounds or other tactical advice.
View: TechWeb Story
itunes, anyone ?
itunes, anyone ?
no.
itunes, anyone ?
no.
lol
itunes, anyone ?[/quote]
no.[/quote]
thnk GOD...
okay so wmp10 skin exist for wmp11?
if no then wmp10 for life
That doesn't fix it, because when it's embedded in a website, it still looks like crap.
Also, there's a whooping what, 50 skins to choose from? Yay. Winamp > WMP.
That doesn't fix it, because when it's embedded in a website, it still looks like crap.
But it doesnt, when its embedded in a website it look just like the other version of media player but with different colours!
That doesn't fix it, because when it's embedded in a website, it still looks like crap.
But it doesnt, when its embedded in a website it look just like the other version of media player but with different colours!
Um, and the buttons look different. And they're in different positions. Which means, it looks different. Like crap.
That doesn't fix it, because when it's embedded in a website, it still looks like crap.
But it doesnt, when its embedded in a website it look just like the other version of media player but with different colours!
Um, and the buttons look different. And they're in different positions. Which means, it looks different. Like crap.
IMHO, WMP 11 is so much better. i dont understand how you can hate it so much
Counter-Strike.
Me too, I don't get the WMP11 hating. It's actually a lot better once you get used to the change.
"We are not currently aware of attempts to exploit this vulnerability," she added.
Did anyone else ask themselves, "If no one knew about it or has been trying to exploit it, then why tell people about it BEFORE you fix it? Just fix it, THEN tell people about it. Don't give hackers any heads-up on the subject."
sheesh
"We are not currently aware of attempts to exploit this vulnerability," she added.
Did anyone else ask themselves, "If no one knew about it or has been trying to exploit it, then why tell people about it BEFORE you fix it? Just fix it, THEN tell people about it. Don't give hackers any heads-up on the subject."
sheesh
MS WANTS people to upgrade to WMP11, for the DRM and commercial ties.
"We are not currently aware of attempts to exploit this vulnerability," she added.
Did anyone else ask themselves, "If no one knew about it or has been trying to exploit it, then why tell people about it BEFORE you fix it? Just fix it, THEN tell people about it. Don't give hackers any heads-up on the subject."
sheesh
MS WANTS people to upgrade to WMP11, for the DRM and commercial ties.
Can you give me an example of where WMP11 enforces DRM moreso than, say, WMP10?
"We are not currently aware of attempts to exploit this vulnerability," she added.
Did anyone else ask themselves, "If no one knew about it or has been trying to exploit it, then why tell people about it BEFORE you fix it? Just fix it, THEN tell people about it. Don't give hackers any heads-up on the subject."
sheesh
MS WANTS people to upgrade to WMP11, for the DRM and commercial ties.
Can you give me an example of where WMP11 enforces DRM moreso than, say, WMP10?
Actualy, WMP 11 has "online store" features that only work with the Zune player, so Microshcloft wants to scare everyone into getting WMP 11 becasue they think it will lead to more Zune sales.
"We are not currently aware of attempts to exploit this vulnerability," she added.
Did anyone else ask themselves, "If no one knew about it or has been trying to exploit it, then why tell people about it BEFORE you fix it? Just fix it, THEN tell people about it. Don't give hackers any heads-up on the subject."
sheesh
MS WANTS people to upgrade to WMP11, for the DRM and commercial ties.
Can you give me an example of where WMP11 enforces DRM moreso than, say, WMP10?
Actualy, WMP 11 has "online store" features that only work with the Zune player, so Microshcloft wants to scare everyone into getting WMP 11 becasue they think it will lead to more Zune sales.
Wrong wrong wrong. Zune has its own software. It has no tie-ins with WMP 11 at all (which is actually a common gripe among WMP 11 users).
And you know? The interface is actually decent. The only thing that really bugged me was the way the Library is layed out, but with the Details view it's actually similar to WMP10, which is all I really cared about.
I don't plan to buy a Zune; Archos makes much better products.
I don't plan on using WMP's music stores; I prefer iTunes (and other sources).
I may as well just get used to WMP11. It's here to stay.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.