Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Microsoft Windows Media File Vulnerabilities

(MS09-051, MS09-052)

Remote code execution vulnerabilities exist in the way that Microsoft Windows Media Runtime and the Windows Media Player handle specially crafted ASF files.

The Microsoft Windows Media Format Runtime provides information and tools for applications that use Windows Media content. Windows Media Player is an application for Windows that supports numerous video, audio, and image formats. Advanced Systems Format (ASF) is a digital media file format that stores audio and video information and is specially designed to run over networks like the Internet. ASF is a compressed format that contains streaming audio, video, slide shows, and synchronized events.

Attack Details

A remote attacker could exploit these issues by convincing a user to open a malformed ASF file. Successful exploitation of these vulnerabilities will allow the attacker to execute arbitrary code on an affected system remotely. Check Point provides protections that detect and block the transferring of malformed ASF files over HTTP.

MS09-051

CVE-2009-0555: This vulnerability is due to an error in the Windows Media Runtime that incorrectly processes specially crafted ASF files that make use of the Window Media Speech codec.

CVE-2009-2525: This vulnerability is due to an error in the Windows Media Runtime that does not properly initialize certain functions in compressed audio files.

Check Point protects against exploits that use these vulnerabilities though its integrated IPS products, IPS Software Blade and SmartDefense . This protection will detect and block the transferring of malformed ASF files over HTTP. For more information, see CPAI-2009-230.

MS09-052

CVE-2009-2527: This vulnerability is due to an error in Windows Media Player 6.4 that fails to properly process specially crafted ASF files.

Check Point protects against exploits that use this vulnerability though the IPS Software Blade. This protection will detect and block the transferring of malformed ASF files over HTTP. For more information, see CPAI-2009-228.