KLA10998Information disclosure vulnerability in Microsoft Windows Media Player

2017-03-14T00:00:00
ID KLA10998
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

03/14/2017

Severity:

Warning

Description:

An improper handling of objects in memory was found in Microsoft Windows Media Player. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed website.

Affected products:

Windows Vista Service Pack 2
Windows 7 Service Pack 1
Windows RT 8.1
Windows 10
Windows Server 2008 Service Pack 2
Windows Server 2008 R2 Service Pack 1
Windows Server 2012
Windows Server 2012 R2

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

Microsoft Security Update Guide
CVE-2017-0042

Impacts:

OSI

Related products:

Microsoft Windows Server 2012

CVE-IDS:

CVE-2017-00422.6Warning

Microsoft official advisories:

KB list:

4015551
4012215
4012216
4012606
4013198
4013429
4012212
4012213
3214051
4015548