TITLE:
Microsoft Windows MPEG Layer-3 Codecs Buffer Overflow

Highly critical
Impact: System access
Where: From remote

VERIFY ADVISORY:
http://secunia.com/advisories/39379/

DESCRIPTION:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the MPEG Layer-3 codecs and can be exploited to cause a stack-based buffer overflow when decoding an AVI file containing a specially crafted MPEG Layer-3 audio stream.

Successful exploitation allows execution of arbitrary code.

SOLUTION:
Apply patches.

Microsoft Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?familyid=F6394FC2-B9D0-46CF-9265-A0D4AEB1448F

Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=B1582A74-4A7B-4540-BEB1-7C89C86EAE87

Windows XP Professional x64 Edition SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=8AFCA317-A647-44AA-A771-5D85CD5D62EA

Windows Server 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=9F89746C-181E-4177-A851-EC1826E78B6D

Windows Server 2003 x64 Edition SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=B97E7EA1-A163-4CE4-8CBC-5F933773C4B2

Windows Vista (optionally with SP1/SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=0E7140BB-42D3-48B3-9F4B-D55B17770DE8

Windows Vista x64 Edition (optionally with SP1/SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=B885AEF4-3A5D-4C3E-BEF6-5EFEF2965752

Windows Server 2008 for 32-bit Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=8E9C04C9-898F-4ED2-949D-F4343CC0D9F6

Windows Server 2008 for x64-based Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=D6F2E1AE-48D3-4D2C-B329-32CFF00AFEE5

ORIGINAL ADVISORY:
MS10-026 (KB977816):
http://www.microsoft.com/technet/security/bulletin/MS10-026.mspx