Petteri Pyyny
7 May 2003 15:44
Microsoft announced today that there's a critical security hole in its Windows Media Player products. The bug would allow attackers to "hijack" user's computer. Bug is available in WMP 7.1 and WMP 8.0, also known as Windows Media Player for XP.
The problem doesn't exist in WMP9 or in the older WMP versions, such as the good olde WMP 6.4 that is almost legendary among the videophiles. The malicious code can be masquerated to look like a WMP7/8 skin and when downloaded and installed, it executes itself and can do virtually anything the code's programmer wants it to do on user's computer.
Microsoft has released a patch for the problem. The bug was found by a Finnish security firm, Online Solutions, in March and it submitted its findings to Microsoft on 14th of March.
More information:
InternetNews.com
Microsoft security bulletin and patch