Microsoft Issues Patches for ‘Critical’ Flaws in Media Player and Windows

Microsoft Corp. on Tuesday warned of two "critical" security flaws that could allow attackers to use its media player or Internet Explorer Web browser to possibly take control of a computer. One flaw is a vulnerability in some versions of the Windows Media Player for playing music or video files. The flaw makes it possible for an attacker to use a malicious file that controls the appearance of the player to launch other programs on a computer.

Reuters - Microsoft warns of "critical" security flaws

Microsoft says it also plans to release an updated version of the Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Centre.

PCPro - Microsoft warns of ‘critical’ vulnerabilities in Media Player, Windows

An unchecked buffer in WMP lets people create bad bitmap BMP files which lets nasty folk execute commands on client PCs. The bug is present in Media Player versions 7.1 to 10 running on Windows XP, Windows 2003, Windows NT, and Windows 2000 SP4.

Microsoft released a set of patches to fix the problem - we’d suggest you get them tout suite if you ever use Windows Media Player.

the Inquirer - Dangerous bug found in Windows Media Player - Download the Tuesday patches now