Patch Repository

Windows Media Player 6.4 Patch Details
Patch Name WindowsMedia6-KB925398-x86-ENU.exe
Patch Description Security Update for Windows Media Player 6.4 for Windows (KB925398)
Bulletin Id MS06-078
Bulletin Title Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689)
Severity Critical
Location Path WindowsMedia6-KB925398-x86-ENU.exe
Bulletin Summary CVE-2006-4702:
A remote code execution vulnerability exists in Windows Media Format Runtime due to the way it handles Advanced Systems Format (ASF) files. An attacker could exploit the vulnerability by constructing specially crafted Windows Media Player content that could potentially allow remote code execution if a user visits a malicious Web site or opens an e-mail message with malicious content.

CVE-2006-6134
A remote code execution vulnerability exists in Windows Media Format Runtime due to the way it handles certain elements contained in Advanced Stream Redirector (ASX) files. An attacker could exploit the vulnerability by constructing a specially crafted ASX file that could allow remote code execution if a user visits a malicious Web site, where specially crafted ASX files are used to launch Windows Media player, or if a user clicks on a URL pointing to a specially crafted ASX file.
Superceding Bulletin Id None
Patch Release Date Dec 12, 2006

Affected Product Information

Product Name Service Pack Name
Windows 2000 Advanced ServerWindows 2000 Service Pack 4
Windows 2000 ProfessionalWindows 2000 Service Pack 4
Windows 2000 ServerWindows 2000 Service Pack 4
Windows Media Player 6.4 for Windows 2000Windows 2000 Service Pack 4
Windows Media Player 6.4 for Windows Server 2003Windows Server 2003 Service Pack 2
Windows Media Player 6.4 for Windows Server 2003Windows Server 2003 Service Pack 1
Windows Media Player 6.4 for Windows XPWindows XP Service Pack 2
Windows Server 2003 for Small Business ServerWindows Server 2003 Service Pack 2
Windows Server 2003 for Small Business ServerWindows Server 2003 Gold
Windows Server 2003 for Small Business ServerWindows Server 2003 Service Pack 1
Windows Server 2003, Datacenter EditionWindows Server 2003 Service Pack 2
Windows Server 2003, Enterprise EditionWindows Server 2003 Service Pack 2
Windows Server 2003, Enterprise EditionWindows Server 2003 Gold
Windows Server 2003, Enterprise EditionWindows Server 2003 Service Pack 1
Windows Server 2003, Standard EditionWindows Server 2003 Service Pack 2
Windows Server 2003, Standard EditionWindows Server 2003 Gold
Windows Server 2003, Standard EditionWindows Server 2003 Service Pack 1
Windows Server 2003, Web EditionWindows Server 2003 Service Pack 2
Windows Server 2003, Web EditionWindows Server 2003 Gold
Windows Server 2003, Web EditionWindows Server 2003 Service Pack 1
Windows XP ProfessionalWindows XP Service Pack 2

Disclaimer: This webpage is intended to provide you information about patch announcement for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors websites. You can get more information by clicking the links to visit the relevant pages on the vendors website.