September 15th, 2008
Exploit published for Windows Media Encoder flaw
If you haven’t applied Microsoft’s MS08-053 security update, now might be a good time to hit that patch button.
Proof-of-concept exploit code for the vulnerability, which allows remote code execution attacks via the Web, has been posted online, raising the likelihood that we’ll soon see in-the-wild exploitation.
The exploit, available at Milw0rm.com, targets a critical flaw in the WMEX.DLL ActiveX control installed by the Windows Media Encoder 9 Series. This ActiveX control is marked as Safe for Scripting and can be exploited view the Internet Explorer browser.
[ SEE: MS Patch Tuesday: 8 critical security holes patched ]
From Microsoft’s bulletin:
- The vulnerability could allow remote code execution if a user views a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
The bulletin is rated “critical” on supported/affected editions of Microsoft Windows 2000, Windows XP and Windows Vista. On Windows Server 2003 and Windows Server 2008, it carries a “moderate” severity rating.
Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.
For daily updates on Ryan's activities, follow him on Twitter.
Subscribe to Zero Day via Email alerts or RSS.
