GFI
English siteGerman siteItalian siteFrench siteSpanish site
 
 
Products
Register
FAQs
Downloads
Contact us
Resellers
Reseller program
Search
   




SECURITY FLAW DISCOVERED IN WINDOWS MEDIA PLAYER 7:

Can be blocked by mail essentials email content checking gateway

London, UK, 23 November, 2000 - GFI, developer of email content checking & network security software, has discovered a security flaw within Windows Media Player 7 which allows a malicious user to run arbitrary code on a victim's machine as it attempts to view a web site or an HTML email. GFI has notified Microsoft Corp., which issued an advisory (Microsoft security Bulletin number MS00-090).

Windows Media Player 7 is included by default on Windows Millennium Editions and is available from Microsoft for free. It includes skinning capabilities that allow it to change interface. GFI has found that this can be exploited to execute code on remote machines.

"The exploit works simply by opening an email on a machine which includes Windows Media Player 7 and on which HTML scripts are allowed, or by browsing a malicious site," warned GFI security engineer, Sandro Gauci.

"This security problem is exploited by embedding a JavaScript (.js) file within a Media Player skin file (.wmz) which can also be embedded in a Windows Media Download file (.wmd). This does not require the user to run any attachments since the Media Player file is automatically executed using an iframe tag or a window.open() with in a <script> tag," he explained.

GFI advises to filter incoming emails for WMD and WMZ files, and automatically remove JavaScript, iframe tags, meta refresh tags and possibly ActiveX tags from incoming HTML email.

"This can be done automatically with an email content checking gateway such as Mail essentials. HTML tags and dangerous attachments will be removed automatically at server level and therefore network admins need not worry about their users receiving malicious attachments or html mails," pointed out Nick Galea, GFI CEO.

GFI (www.gfi.com) has six offices in the US, UK, Germany, France, Australia and Malta, and has a worldwide network of distributors. GFI is the developer of FAXmaker, Mail essentials and LANguard, and has supplied applications to clients such as Microsoft, Sage, London Fire Brigade, BMW, the US IRS, Siemens, Digital, Ericsson, NASA, Olivetti, and the USAF. GFI has won the Microsoft Fusion 2000 (GEM) Packaged Application Partner of the Year award, and was named one of 1999's fastest growing software companies for Windows by Microsoft Corp. and CMP Media.
       
   © 2002. All rights reserved. GFI Ltd.
| Home | Products | Support | Purchasing | Downloads | Resellers | Contact GFI |