MS15-057: Vulnerability in Windows Media Player Could Allow Remote Code Execution (3033890)
High Nessus Plugin ID 84054
SynopsisThe remote Windows host is affected by a remote code execution vulnerability.
DescriptionThe version of Microsoft Windows Media Player installed on the remote host is affected by a remote code execution vulnerability due to improper handling of crafted DataObjects. A remote, unauthenticated attacker can exploit this by tricking a user into opening a specially crafted DataObject, resulting in the execution of arbitrary code in the context of the current user.
SolutionMicrosoft has released a set of patches for Windows 2003, Vista, 2008, 7, and 2008 R2.