While code execution flaws have the highest impact, we do not feel this flaw poses a high risk to most business users. If you have local administrative privileges, the attacker gains full control your computer. If an attacker can entice you to download a specially crafted project file, then open that file in Movie Maker or Producer, he can exploit this flaw to execute code on your computer, with your privileges. Movie Maker and Producer do not properly parse specially crafted project files. Also affects Microsoft Producer 2003 (Producer is another optional download that adds rich-media creation features to PowerPoint). Today, Microsoft released a security bulletin describing a buffer overflow vulnerability that affects Windows 2.1, 2.6, and 6.0. However, if you have Windows Vista or 7, you only have it if you chose to download and install the Live Essentials package. In short, if you have Windows XP, you have Windows Movie Maker.
MICROSOFT MOVIEMAKER UPDATE FOR FREE
Instead, you have the option to download it for free as part of the Windows Live Essentials package. However, the latest versions of Windows (Windows Vista and 7), don’t provide the Movie Maker application on the installation disc. Movie Maker actually ships with older versions of Windows, such as Windows XP and 2000. Windows Movie Maker is a video capturing and editing application that you get free with Windows. What to do: Install the appropriate Movie Maker patch as soon as possible, or let Microsoft’s Automatic Update do it for you.Impact: An attacker can execute code, potentially gaining complete control of your computer.How an attacker exploits them: By enticing you to open maliciously crafted Movie Maker or Producer project.These vulnerabilities affect: Affects Windows Movie Maker 2.1, 2.6, and 6.0.
0 kommentar(er)
