Windows 7 Media Player Security Flaws

Two weeks ago Microsoft issued a security bulletin regarding  at least eight vulnerabilities affecting all versions of the Windows operating system. The company was urging Windows users to pay special attention to MS12-004, which is a “critical” bulletin that provides fixes for two serious flaws in the way Windows 7 Media PLayer handles certain media files security flaws.

New Flaws

Well, since then hackers have found new Media Player Security  flaws and are exploiting this issue to plant malware on unpatched computers. The vulnerability works when the in-the-wild attacks are launched through web sites rigged with booby-trapped Windows media files. The vulnerability occurs when Windows Multimedia Library in Windows Media Player (WMP) fails to handle a specially crafted MIDI file, this allows remote attackers to execute arbitrary code.

So what happens? The end result is a malicious Trojan with rootkit capabilities infecting the computer.  The attack happens silently in the background and all the user sees is a blank WMP application playing a file. So with the Trojan in place, the attack on the computer can begin.

With a specially crafted MIDI file, the successful attacker could gain remote code execution against a target running the ubiquitous Windows Media Player.

The second critical vulnerability caused by the Media player occurs when filters in DirectShow do not properly handle media files in the way that they should.  The filter is supposed to keep out certain code, preventing it from executing. But it doesn’t do that. DirectShow is a part of Microsoft DirectX, a Windows feature used for streaming media on Windows operating systems to enable graphics and sound when playing games or watching video.

Since the media player keeps working, users do not notice anything wrong until the virus or root kit launches. Then they may not even know or suspect where the problem originated, or even what is launching the virus now.

Microsoft suggests that getting the update patch, on the original vulnerability is necessary. However, they will have to make another patch quickly.



Subscribe & Connect

Share This Post: 

Subscribe to our e-mail newsletter for updates:

, ,

One Response to Windows 7 Media Player Security Flaws

  1. Guest January 30, 2012 at 11:15 pm #

    WMP is one of the worst media players out there and WMC is a total piece of crap that is far from being able to interface with modern systems.

    I can think of 2 already that are completely fee and are way better to include secure.

    Microsoft still drops the ball even to this day.
    Instead of improving the system they have they change it and making it worse like the MetroUI and the ribbon interface.  WTF?
    No use on a desktop and they STILL haven’t fixed the folders issue that THOUSANDS of users have complained about.

Leave a Reply