Remote Code Execution vulnerability in Windows Media Components - MS08-076| ID: oval:org.secpod.oval:def:3095 | Date: (C)2011-11-16 (M)2023-12-14 |
| Class: PATCH | Family: windows |
The host is missing an important security update according to Microsoft security bulletin, MS08-076. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in Windows Media Components, which fails to handle Service Principal Name (SPN) implementations and NTLM credentials. Successful exploitation allows attackers to gain complete control of an affected system.
| Platform: |
| Microsoft Windows 2000 |
| Microsoft Windows XP |
| Microsoft Windows Server 2003 |
| Microsoft Windows Vista |
| Microsoft Windows Server 2008 |
| Product: |
| Windows Media Player 6.4 |
| Windows Media Server 4.1 |
| Windows Media Server 9 |
| Windows Media Format Runtime 7.1 |
| Windows Media Format Runtime 9.5 |
| Windows Media Format Runtime 11 |
