Security flaw touches Windows Media Player, IE
A “critical” flaw that affects both Microsoft’s Windows Media Player and Internet Explorer has been uncovered, a security company reported late Monday.
The security flaw, which is found in the default installations of Media Player and the IE browser, could let attackers launch a remote execution of code, according to an advisory posted by eEye Digital Security.
Systems affected by the flaw include Windows XP with Service Pack 1 and Service Pack 2, Windows NT, Windows 2003 and Windows 2003 SP1, and all versions of Windows 2000.
Although eEye does not believe the vulnerability is “wormable,” the company rated it “critical” because it could allow for a remote execution of code and affects installations of Media Player and IE at their default settings, an eEye representative said.
Full story: ZDNet