When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Critical Bug In Legacy Windows Media Players

Proof-of-concept code that exploits a critical bug in Windows Media Player has gone public, Microsoft Corp. warned users late Thursday.

A vulnerability in Media Player 9 and 10 can be used by attackers to grab control of a PC, security researchers warned. A malicious .asx-formatted playlist, if opened by an unsuspecting user, could completely compromise the machine.

"We're aware of proof-of-concept code published publicly affecting Windows Media ASX file format [and] we are currently investigating," wrote Alexandra Huft, a security program manager with the Microsoft Security Response Center, on the team's blog. "We are not currently aware of attempts to exploit this vulnerability," she added.

Because .asx playlists open automatically within a browser, hackers would only need to coax users to a malicious Web site to snatch their systems. Microsoft has offered no workarounds or other tactical advice.

View: TechWeb Story

Report a problem with article
Next Article

GetRight 6.1

Previous Article

Neowin mobile re-released

Join the conversation!

Login or Sign Up to read and post a comment.

36 Comments - Add comment