|
Thursday, 22 April 2010 21:20 |
On Tuesday, April 13th, Microsoft released security update MS10-025 - Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858). This security update resolves a privately reported vulnerability in Windows Media Services running on Microsoft Windows 2000 Server. The vulnerability could allow remote code execution if an attacker sent a specially crafted transport information packet to a Microsoft Windows 2000 Server system running Windows Media Services. Microsoft ratings for MS10-025: Maximum Severity Rating - Critical Impact of Vulnerability - Remote Code Execution Media Services Stack-based Buffer Overflow Vulnerability - CVE-2010-0478 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0478 A remote code execution vulnerability exists in Microsoft Windows 2000 Server Service Pack 4 running the optional Windows Media Services component due to the way the Windows Media Unicast Service handles specially crafted transport information packets. On Microsoft Windows 2000 Server Service Pack 4, Windows Media Services is an optional component and is not installed by default. Only Microsoft Windows 2000 Server systems that have enabled Windows Media Services are affected by this vulnerability. Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories For more information: Please contact your next level of support or visit http://www.nortel.com/contact for support numbers within your region. Nortel security advisories: http://nortel.com/securityadvisories Nortel Partner Information Center (PIC) website: http://www.nortelnetworks.com/pic
Source : http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=1005265&poid=
|
News 
