ronjor
December 30th, 2008, 10:41 PM
-{ Quote: "If you haven’t seen it, there was a report about a possible issue affecting all versions of Microsoft Windows Media player. The security researcher making the initial report didn’t contact us or work with us directly but instead posted the report along with proof of concept code to a public mailing list. After that report, other organizations picked the report up and claimed that the issue was a code execution vulnerability in Windows Media Player.
Those claims are false. We’ve found no possibility for code execution in this issue. Yes, the proof of concept code does trigger a crash of Windows Media player, but the application can be restarted right away and doesn’t affect the rest of the system. My colleague, Jonathan Ness has gone through with more of the technical details here." }-Microsoft (http://blogs.technet.com/msrc/archive/2008/12/29/questions-about-vulnerability-claim-in-windows-media-player.aspx)
Those claims are false. We’ve found no possibility for code execution in this issue. Yes, the proof of concept code does trigger a crash of Windows Media player, but the application can be restarted right away and doesn’t affect the rest of the system. My colleague, Jonathan Ness has gone through with more of the technical details here." }-Microsoft (http://blogs.technet.com/msrc/archive/2008/12/29/questions-about-vulnerability-claim-in-windows-media-player.aspx)