RSSMicrosoft Patches Media Player 10
By Ed Oswald | Published February 16, 2005, 2:13 PM
Microsoft on Wednesday issued an updated Windows Media Player 10 to correct a potential security issue that could allow an attacker to mislead users into downloading malware or viruses instead of a license to playback DRM content.
A spokesperson for Microsoft confirmed that the new WMP release, marked build 3802, was the promised update to take care of issues related to the player's digital rights management functions.
As reported by BetaNews, Microsoft originally refused to fix the problem, claiming it was not an actual vulnerability. However, after criticism from security analysts, the company did an about-face and announced a patch would be made available within thirty days.
Nonetheless, Microsoft has maintained that the problem is not a security hole. "Microsoft stated several weeks ago that they were looking into the issue and while it is an unintended use of WM DRM, it is not a security hole," a company spokesperson told BetaNews in January.
Microsoft is urging consumers to upgrade their software. Windows Media Player 10 build 3802 may be downloaded via FileForum.
How old is this prog & already reciving 1st patch !!
Sloppy, Sloppy, Sloppy!
Score: 0
|Hey acey Doesn't mean the program is sloppy. Even in programming or with anything else for that matter for will always have to come back for a revision or two nothing is ever perfect, remember buddy stability comes from continuiously reassessing a certain issue and making sure it doesn't pop up and if it does to make sure that you can atleast narrow it down to it's simplest form. Just like anything else in life as well as programming or patches. etc etc...
Score: 0
|"...a POTENTIAL security issue that COULD allow an attacker to MISLEAD users into downloading malware or viruses instead of a license to playback DRM content." (emph. added)
Yes, I still consider this something that MS needs to patch, but come on, people, this is quite a stretch. It has the potential issue that could mislead users? I agree with the MS company spokesman, this isn't a security hole. Like the internet, wmplayer is a tool, used for good but can be used maliciously. Tools do that--does my hammer have a vulnerability because it can be "exploited by a malicious user" to knock someone unconscious?
Score: 0
|Translation:
Yet another minimal security issue that requires a virgin to be sacrificed during the full moon on Alpha Centauri after willingly putting oneself in the oncoming path of a Mack truck to be affected by it. It's just more grist for the trendy and often mindless MS naysayers.
Is there a risk?
Yes.
Is it a serious one?
No.
Should it be patched?
Of course.
Will it be blown out of proportion by the press and the anti-MS rabble?
Assuredl;y.
Yawn.
Score: 0
|Why was is this not available as a 'patch'? M$ is realeasing this as a seperate program.
Score: 0
|When I do a "Check for Updates" in WMP10 that it says I'm using the most current version? You'd think that they'd have that ready before urging the world to update their software due to a security hole.
Score: 0
|Because Windows doesn't find this as a problem themselves, so they could really care less if the user upgrades or not.
Score: 0
|Bakura it means they probably haven't updated their databases or server with the WMP 10 update yet and only uploaded it to their server.. If you remember the same thing happened when SP 2 Was coming out.. First to the MSDN subscribers then they posted the download link for the SP2 download, but it didn't show up on the Windows Update site til a week after its release.. Gotta give stuff time man be patient and meanwhile just downlaod it from here it's not a problem I mean either way you're getting the same version .. What's there to complain about :)
Score: 0
|I'm just surprised Microsoft has a program that has a security issue. Seems impossible since they are so popular lol
Score: 0
|