This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Vulnerability Found In MP3 And Windows Media Files
Flaw can let an attacker take over a user's PC if the user lets mouse hover over an infected file.
Security experts are warning of a vulnerability in MP3 and Windows Media files that can be activated simply by a user hovering a mouse over an infected file. The vulnerability could let attackers take over a user's PC.
The flaw in Windows XP can force the operating system to run code when a music file is played by Windows Explorer, the operating system's file-browsing application. Hovering the mouse pointer over a file will open a preview of it and trigger the file's payload, if it has one. The vulnerability doesn't affect Windows Media Player, Microsoft says.
The popular Nullsoft Winamp free media player is also vulnerable.
Further information and patches to Windows and Winamp are available in several places on the Web: the CERT Coordination Center at Carnegie Mellon University; Foundstone, with advisories for both Windows XP and Winamp; Microsoft; and Nullsoft, which has an update to Winamp.
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2020 State of DevOps ReportDownload this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
Enterprise Automation: Do More with LessIn this IT Trend Report, we highlight the benefits of automation and the various tools as enterprises navigate turbulent times, try to do more with less, keep their operations running, and stay on track with digital modernizations.