![[H]ardOCP](/images/blank.gif){kind=small}
Microsoft Denies WMP Vulnerability
The Microsoft Security Response Center blog says that rumors of a Windows Media Player vulnerability are flat out false. The MSRC team says that the only thing the proof of concept code is able to do is crash WMP (which can be restarted immediately) and has no impact on the rest of the system.
If you haven’t seen it, there was a report about a possible issue affecting all versions of Microsoft Windows Media player. The security researcher making the initial report didn’t contact us or work with us directly but instead posted the report along with proof of concept code to a public mailing list. After that report, other organizations picked the report up and claimed that the issue was a code execution vulnerability in Windows Media Player. Those claims are false.