ISS has published an advisory on a buffer overflow found in Windows Media Player 9 and 10 related to handling .ASX playlist files. This follows a similar advisory by FrSIRT. It appears that these advisories are coming in response to indications that there are in-the-wild exploits of the vulnerability. The issue has been public since back on November 22nd.
Read the ISS Advisory, the FrSIRT Advisory, and the original Bugtraq posting.
(Thanks to everyone who sent this in...)
Dec 7th 2006
1 decade ago