Home / bulletins MS09-051 - Critical: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682) - Version:2.0
Posted on 10 November 2009
There is an newer version: MS09-051 - Version: 1.1
CriticalSeverity Rating: Critical - Revision Note: V2.0 (November 10, 2009): Bulletin revised to communicate the rerelease of the update for Audio Compression Manager on Microsoft Windows 2000 Service Pack 4 to fix a detection issue. This is a detection change only; there were no changes to the binaries. Customers who have successfully updated their systems do not need to reinstall this update. Also corrected the registry key verification for DirectShow WMA Voice Codec on Windows Server 2003.Summary: This security update resolves two privately reported vulnerabilities in Windows Media Runtime. The vulnerabilities could allow remote code execution if a user opened a specially crafted media file or received specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS09-051 - Version: 2.0
- MS09-051 - Version: 1.0
- MS09-051 - Version: 1.1
