Home / bulletins MS09-051 - Critical: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682) - Version:1.1
Posted on 15 October 2009
CriticalSeverity Rating: Critical - Revision Note: V1.1 (October 14, 2009): Clarified the entry, "I have Windows Media Player installed on my system. Why am I not being offered some of the updates?" in the FAQ section. Also corrected the FAQ for CVE-2009-0555 to indicate that Microsoft is aware of limited attacks attempting to exploit the vulnerability.Summary: This security update resolves two privately reported vulnerabilities in Windows Media Runtime. The vulnerabilities could allow remote code execution if a user opened a specially crafted media file or received specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS09-051 - Version: 2.0
- MS09-051 - Version: 1.0
- MS09-051 - Version: 1.1
