===================================================================== CERT-Renater Note d'Information No. 2007/VULN500 _____________________________________________________________________ DATE : 12/12/2007 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running Windows Media Format Runtime, Windows Media Services v9.1. ====================================================================== http://www.microsoft.com/technet/security/Bulletin/MS07-068.mspx ______________________________________________________________________ Microsoft Security Bulletin MS07-068 Critical Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569 and 944275) This critical security update resolves a privately reported vulnerability in Windows Media File Format. This vulnerability could allow remote code execution if a user viewed a specially crafted file in Windows Media Format Runtime. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This is a critical security update for supported editions of Windows Media Format Runtime 7.1, 9, 9.5, 11 and for Windows Media Services 9.1. Affected Software Windows Media Format Runtime 7.1 Windows Media Format Runtime 9 Windows Media Format Runtime 9.5 Windows Media Format Runtime 9.5 x64 Edition Windows Media Format Runtime 11 Windows Media Services 9.1 Non-Affected Software Windows Media Player 6.4 on Microsoft Windows 2000 Windows Media Player 6.4 on Windows XP Windows Media Player 6.4 on Windows Server 2003 Windows Media Services 4.1 on Microsoft Windows 2000 Windows Media Services 4.1 on Microsoft Windows 2003 for Itanium-Based Systems Windows Media Services 4.1 on Windows Server 2003 with SP1 for Itanium-based Systems Vulnerability Information Windows Media Format Remote Code Execution Vulnerability Parsing ASF CVE-2007-0064 A remote code execution vulnerability exists in Windows Media Format Runtime due to the way it handles Advanced Systems Format (ASF) files. In client applications, such as Windows Media Player, an attacker could exploit the vulnerability by constructing specially crafted Windows Media Format Runtime content that could potentially allow remote code execution if a user visits a specially crafted Web site or opens an e-mail message with specially crafted content. In server applications, such as Windows Media Services, an attacker could exploit the vulnerability by constructing specially crafted Windows Media Format Runtime content that could potentially allow remote code execution if the server processes the specially crafted content. In client and server applications, an attacker who successfully exploited this vulnerability could take complete control of an affected system. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================