Three months after promising to update its flagship Windows Media Player software to block a well-known spyware infection vector, Microsoft has still not provided security for the majority of its users. The software giant's inability to ship a timely update for users of its Windows Media 9 Series has triggered new questions about Microsoft Corp.'s handling of a legitimate security threat to consumers.
Back in January, when security researchers discovered that malicious hackers were distributing rigged ".wmv" files to trick users into downloading malicious software programs, Microsoft originally brushed aside the warnings and insisted the attack vector did not exploit a vulnerability in the software. One week later, the company did an about-face and promised updates within 30 days to modify the way the media player handled the download of copyright-protected media files.
View: The full story
News source: eWeek