Critical bug hits Windows Media Player

Posted by Humphrey Cheung

Hackers have posted up code that exploits a critical bug in Windows Media Player. The bug is in how Media Player handles a .ASX playlist and affects Media Player versions 9 and 10. Hackers can send a malicious playlist and possible gain complete control of vulnerable computers.

Alexndra Huft with Microsoft's Security Response Center says the company is investigating the problem. Her comments were posted on Microsoft's TechNet blog. Microsoft currently does not have a workaround for the problem.

Media Player automatically opens up playlists so vulnerable computer users are urged to upgrade to Media Player 11. They can also change the settings inside of the program to not automatically open up playlists.

It was just yesterday that we reported on vulnerability in another Microsoft product, Word. The bug is rated as "extremely critical" and could allow attackers to take over computer systems.