Microsoft Corp. has issued a patch that fixes two security holes in the Windows Media Player that could allow remote, destructive control of users’ computers.
The “.WMS Script Execution” security hole applies to Media Player version 7 included with Windows Millennium Edition. It enables a malicious programmer either to design a “skin” that could take over the system or put a script on a Website that would accomplish the same result. The second hole pertains to versions 6.4 and 7 of Media Player and exploits Active Stream Redirector .asx files, permitting a malicious coder to take over a target PC.
Read the source article at pcworld.com..