Microsoft Windows Knowledge Base Article 2636391 update is not installed (WinMs12kb2636391Update)

Vuln ID: 71994
Risk Level: High risk vulnerability  High WinMs12kb2636391Update
Platforms: Microsoft Windows Vista, Microsoft Windows Server 2003: SP2, Microsoft Windows Server 2003: SP2 Itanium, Microsoft Windows Server 2003: SP2 x64, Microsoft Windows XP: SP2 x64 Professional, Microsoft Windows Server 2008: x64, Microsoft Windows XP: SP3, Microsoft Windows Vista: SP2 x64, Microsoft Windows Vista: SP2, Microsoft Windows Server 2008: SP2 x32, Microsoft Windows 7: x32, Microsoft Windows Server 2008: R2 x64, Microsoft Windows Server 2008: R2 Itanium, Microsoft Windows Server 2008: SP2 Itanium, Microsoft Windows 7: SP1 x64, Microsoft Windows Server 2008: R2 SP1 x64, Microsoft Windows Server 2008: R2 SP1 Itanium, Microsoft Windows Media Center TV Pack for Windows Vista: x32, Microsoft Windows Media Center TV Pack for Windows Vista: x64
Description:

Microsoft Windows Knowledge Base Article 2636391 update is not installed on the system, which could allow an attacker to exploit the following vulnerabilities:

Microsoft Windows Media Player could allow a remote attacker to execute arbitrary code on the system, caused by the improper handling of malicious files by the Windows multimedia library (winmm.dll) component. By persuading a victim to open a specially-crafted MIDI file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system.

Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by the improper handling of malicious media files by the DirectShow (Quartz.dll and Qdvd.dll) components. By persuading a victim to open a specially-crafted media file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system.

Remedy:

Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS12-004. See References.

False Positives:
False Negatives:
Required Permission: Windows login
Additional Information:

References:

Microsoft Security Bulletin MS12-004
Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)
http://technet.microsoft.com/en-us/security/bulletin/ms12-004

IBM Internet Security Systems X-Force Database
Microsoft Windows Media Player MIDI code execution
http://xforce.iss.net/xforce/xfdb/71992

IBM Internet Security Systems X-Force Database
Microsoft Windows DirectShow code execution
http://xforce.iss.net/xforce/xfdb/71993

ISS X-Force
Microsoft Windows Knowledge Base Article 2636391 update is not installed
http://www.iss.net/security_center/static/71994.php

CVE CVE-2012-0003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0003

CVE CVE-2012-0004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0004


X-Force Logo
Know Your Risks
Mitre.org CVE Logo
Common Vulnerabilties & Exposures