It’s Tuesday, and that means Microsoft releases the recent batch of updates to Windows. Normally Windows Updates aren’t the sort of thing that stand out to our readers, but today there is a patch that is of particular relevance. Microsoft released Security Bulletin MS11-015, and it is rated Critical.
A security vulnerability was found in the legacy file container used by Windows Media Center: dvr-ms. If you think having Windows 7 means you won’t need to update, think again. While the Microsoft Digital Video Recording file format has been around since XP, it is still supported in Windows 7. So every single version of Windows that Media Center has ever been a part of will need this update. If you have Windows Updates set to automatically update then you don’t need to do anything as it will automatically install the update the next time Windows Updates run on your computers.
From the Bulletin:
This security update resolves one publicly disclosed vulnerability in DirectShow and one privately reported vulnerability in Windows Media Player and Windows Media Center. The more severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. In all cases, a user cannot be forced to open the file; for an attack to be successful, a user must be convinced to do so.
This security update is rated Critical for affected editions of Windows XP (including Windows XP Media Center Edition 2005); all supported editions of Windows Vista and Windows 7; and Windows Media Center TV Pack for Windows Vista. This security update is also rated Important for all supported editions of Windows Server 2008 R2 for x64-based systems.
The security update addresses the vulnerabilities by modifying the way library files and Windows media files are opened.
Source: Microsoft Technet and The Digital Lifestyle
[…] Security Patch for Media Center PCs […]