Microsoft Security Advisory (892313): Default Setting in Windows Media Player Digital Rights Management Could Allow a User to Open a Web Page Without Requesting Permission - 5/10/2005,Revision Note: Advisory published. Advisory Summary:In March 2005, Microsoft issued an update to Windows Media Player to address the issue discussed in this advisory. Microsoft was made aware that malicious attackers can potentially create media files that could then trigger the launch of a Web site without further user interaction. This Web site could potentially then try and trick the user into downloading and executing malicious software add-ons, such as spyware. This social engineering attack abuses a by-design feature in Microsoft Windows Media Player Digital Rights Management (DRM) technology that requires users to have a license to playback a media file.
Posted under Microsoft Security Alerts
This post was written by Ted on November 1, 2007
