Microsoft Windows Media Player CVE-2019-1480 Information Disclosure Vulnerability

Description

Microsoft Windows Media Player is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.

Technologies Affected

• Microsoft Windows 7 for 32-bit Systems SP1
• Microsoft Windows 7 for x64-based Systems SP1

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Allow only trusted individuals to have user accounts and local access to the resources.

Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.

Do not accept or execute files from untrusted or unknown sources.
To reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.

Do not follow links provided by unknown or untrusted sources.
Web users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.

Updates are available. Please see the references or vendor advisory for more information.