XP Flaw Puts MP3, Windows Media Files at Risk - TennisForum.com
LinkBack Thread Tools
post #1 of 1 (permalink) Old Dec 22nd, 2002, 05:29 AM Thread Starter
Senior Member
Join Date: Jun 2002
Posts: 4,079
Arrow XP Flaw Puts MP3, Windows Media Files at Risk

December 19, 2002
XP Flaw Puts MP3, Windows Media Files at Risk
By Dennis Fisher

Thanks to a newly found flaw in Windows XP, two of the most popular audio file formats can be used by crackers to take control of remote PCs. Users only need to hover their mouse pointers over the icons for malicious MP3 or Windows Media files to execute the attacker's code, Microsoft Corp. said in a bulletin published Wednesday.
The vulnerability lies in the Windows Shell, which is the portion of the operating system responsible for defining the user's desktop as well as organizing files and folders and enabling the OS to start applications. An unchecked buffer in a function used by the shell to extract custom attribute data from audio files enables an attacker to create a malicious MP3 or Windows Media file and use it to run code on a remote user's machine.

MP3 files are traded and shared by the millions on sites and peer-to-peer networks all over the Internet. Users commonly download and play files posted by people they've never met, and there is essentially no practical way of verifying the content of these files to ensure that they're not corrupted. The Windows Media format is somewhat less popular than the MP3 format, but is still quite prevalent online.

To exploit the vulnerability, an attacker can do one of three things: host the malicious file on a Web site or on a network share or send it to a user in an HTML mail message. If a user hovered the mouse pointer over the file or the folder containing the file--on a Web page or on the local disk--the code would execute. A user would need to open or preview a mail message containing the code to execute it in the e-mail attack scenario.

A successful attack would either cause the Windows Shell to fail or would run the attacker's code on the user's machine.

The vulnerability is found in Windows XP Home Edition, XP Pro, XP Tablet PC Edition and XP Media Center Edition. The patch for the vulnerability is located here.

There is a similar vulnerability in the popular Winamp media player, according to Foundstone Inc., the security company that discovered both vulnerabilities.
CHOCO is offline  

Quick Reply

Register Now

In order to be able to post messages on the TennisForum.com forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Please enter a password for your user account. Note that passwords are case-sensitive.


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:


Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.

Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page

Posting Rules  
You may not post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

For the best viewing experience please update your browser to Google Chrome