Microsoft has announced three security updates as available. Below is a patch (MS11-015) for a classified as a critical vulnerability in Windows Media Player and Media Center. An attacker could also gain complete control over a system when a manipulated digital video recording file is opened.

The update also fixes a DLL-hijacking vulnerability in DirectShow. This affects Windows XP Professional, Windows XP Media Center Edition 2005, Vista, 7, Server 2008 R2 and the Windows Media Center TV Pack for Windows Vista.

“Microsoft classifies this type of file format vulnerabilities, as usually only one ‘high’, because a necessary interaction with the users,” said Wolfgang Kandek, chief technology officer of Qualys. This particular error, but a component that enables an “automatic” assault with a browser link, similar to drive-by downloads.

The two other updates also include DLL hijacking vulnerabilities whose risk Microsoft classifies as “high”. They are found in Groove 2007 SP2 (MS11-016) and in the Windows Remote Desktop client (MS11-017).

Remains unpatched in late January reported scripting vulnerability in Windows. Manipulated using MHTML files can be executed during a browsing session arbitrary scripts to collect user information such as your e-mail or to change content displayed in the browser. This affects Windows XP, Server 2003, Vista, Server 2008, 7, and Server 2008 R2.

Microsoft has announced three security updates as available. Below is a patch (MS11-015) for a classified as a critical vulnerability in Windows Media Player and Media Center. An attacker could also gain complete control over a system when a manipulated digital video recording file is opened. The update also fixes a DLL-hijacking vulnerability in DirectShow. [...]

Microsoft has announced three security updates as available. Below is a patch (MS11-015) for a classified as a critical vulnerability in Windows Media Player and Media Center. An attacker could also gain complete control over a system when a manipulated digital video recording file is opened. The update also fixes a DLL-hijacking vulnerability in DirectShow. [...]

Microsoft has announced three security updates as available. Below is a patch (MS11-015) for a classified as a critical vulnerability in Windows Media Player and Media Center. An attacker could also gain complete control over a system when a manipulated digital video recording file is opened. The update also fixes a DLL-hijacking vulnerability in DirectShow. [...]

Microsoft has announced three security updates as available. Below is a patch (MS11-015) for a classified as a critical vulnerability in Windows Media Player and Media Center. An attacker could also gain complete control over a system when a manipulated digital video recording file is opened. The update also fixes a DLL-hijacking vulnerability in DirectShow. [...]

Microsoft has announced three security updates as available. Below is a patch (MS11-015) for a classified as a critical vulnerability in Windows Media Player and Media Center. An attacker could also gain complete control over a system when a manipulated digital video recording file is opened. The update also fixes a DLL-hijacking vulnerability in DirectShow. [...]

Microsoft has announced three security updates as available. Below is a patch (MS11-015) for a classified as a critical vulnerability in Windows Media Player and Media Center. An attacker could also gain complete control over a system when a manipulated digital video recording file is opened. The update also fixes a DLL-hijacking vulnerability in DirectShow. [...]

Microsoft has announced three security updates as available. Below is a patch (MS11-015) for a classified as a critical vulnerability in Windows Media Player and Media Center. An attacker could also gain complete control over a system when a manipulated digital video recording file is opened. The update also fixes a DLL-hijacking vulnerability in DirectShow. [...]