Exploit published for Windows Media Encoder flaw

Proof-of-concept exploit code for the vulnerability, which allows remote code execution attacks via the Web, has been posted online, raising the likelihood that we'll soon see in-the-wild exploitation.

The exploit, available at Milw0rm.com,   targets a critical flaw in the WMEX.DLL ActiveX control installed by the Windows Media Encoder 9 Series.  This ActiveX control is marked as Safe for Scripting and can be exploited view the Internet Explorer browser.

[ SEE: MS Patch Tuesday: 8 critical security holes patched ]

From Microsoft's bulletin:

• The vulnerability could allow remote code execution if a user views a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

The bulletin is rated "critical" on supported/affected editions of Microsoft Windows 2000, Windows XP and Windows Vista.   On Windows Server 2003 and Windows Server 2008, it carries a "moderate" severity rating.