Windows Media Encoder 9 Could Allow Remote Code Execution (KB954156) - MS08-053

Proof-of-concept exploit code for the vulnerability, which allows remote code execution attacks via the Web, has been posted online, raising the likelihood that we’ll soon see in-the-wild exploitation. The exploit, available at Milw0rm.com, targets a critical flaw in the WMEX.DLL ActiveX control installed by the Windows Media Encoder 9 Series.  This ActiveX control is marked as […]

Proof-of-concept exploit code for the vulnerability, which allows remote code execution attacks via the Web, has been posted online, raising the likelihood that we’ll soon see in-the-wild exploitation. The exploit, available at Milw0rm.com, targets a critical flaw in the WMEX.DLL ActiveX control installed by the Windows Media Encoder 9 Series.  This ActiveX control is marked as Safe for Scripting and can be exploited view the Internet Explorer browser.

[ SEE: MS Patch Tuesday: 8 critical security holes patched ]

From Microsoft’s bulletin [Microsoft’s MS08-053 security update]:

The vulnerability could allow remote code execution if a user views a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Full Article