04.101.2006 - MS06-005: Vulnerability in Windows Media Player Could Allow Remote Code Execution v2.0 (911565)

remote code execution vulnerability exists in Windows Media Player because of the way that it handles processing bitmap files. An attacker could exploit the vulnerability by constructing a malicious bitmap file (.bmp) that could potentially allow remote code execution if a user visited a malicious Web site or viewed a malicious e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, significant user interaction is required to exploit this vulnerability. - Download Windows Media Player for XP on Microsoft Windows XP SP1 - Download Windows Media Player 9 on Microsoft Windows XP SP2 - Download Windows Media Player 9 on Microsoft Windows Server 2003 - Download Windows Media Player 7.1 when installed on Windows 2000 SP 4 - Download Windows Media Player 9 installed on Windows 2000 SP4 or Windows XP SP1 - Download Windows Media Player 10 installed on Windows XP SP1 or Windows XP SP2 - View Microsoft Security Bulletin MS06-005 - View Microsoft Knowledge Base Article - 911565 - Visit Microsoft Corporation