Home / bulletins MS10-025 - Critical: Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858) - Version:2.0
Posted on 21 April 2010
There is an newer version: MS10-025 - Version: 3.0
CriticalSeverity Rating: Critical - Revision Note: V2.0 (April 21, 2010): Revised bulletin to inform customers that the original security update did not protect systems from the vulnerability described in this bulletin. Microsoft recommends that customers apply one of the workarounds described in this bulletin to help mitigate the impact to affected systems until a revised security update is made available.Summary: This bulletin discloses a privately reported vulnerability in Windows Media Services running on Microsoft Windows 2000 Server. The vulnerability could allow remote code execution if an attacker sent a specially crafted transport information packet to a Microsoft Windows 2000 Server system running Windows Media Services. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate from outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. On Microsoft Windows 2000 Server, Windows Media Services is an optional component and is not installed by default.
Other versions
- MS10-025 - Version:
- MS10-025 - Version: 2.0
- MS10-025 - Version: 3.0
