EEYE Digital Security said it has discovered a critical bug in Windows Media Player which needs fixing straight away.
An unchecked buffer in WMP lets people create bad bitmap BMP files which lets nasty folk execute commands on client PCs.
The bug is present in Media Player versions 7.1 to 10 running on Windows XP, Windows 2003, Windows NT, and Windows 2000 SP4.
Eeye said that the enormous installed base of the program concerned means that people and firms need to fix the problem straight away.
People that have the â‚¬U version of Windows without Media Player are probably OK.
Microsoft released a set of patches to fix the problem – we’d suggest you get them tout suite if you ever use Windows Media Player. The trouble is, and we’ve tested this on two machines so far, the security update for Windows XP numbered KB913446 does not seem to install properly. We await guidance from La Vole.
News source: Theinquirer