02.45.2006 - MS06-006: Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)

A remote code execution vulnerability exists in the Windows Media Player plug-in for non-Microsoft Internet browsers because of the way the Windows Media Player plug-in handles a malformed EMBED element. An attacker could exploit the vulnerability by constructing a malicious EMBED element that could potentially allow remote code execution if a user visited a malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system. - Download Microsoft Windows 2000 SP4, Windows XP SP1, Windows XP SP2 - Download Microsoft Windows Server 2003, Windows Server 2003 SP1 - Download Microsoft Windows XP Professional x64 Edition - Download Microsoft Windows Server 2003 x64 Edition - View Microsoft Security Bulletin MS06-006 - View Microsoft Knowledge Base Article - 911564 - Visit Microsoft Corporation