Microsoft Windows Media Center Remote Code Execution Vulnerability (CVE-2015-2509)
Publish Date: 06 de kwietnia de 2016
Severity: : Critical
CVE Kennungen: : CVE-2015-2509
Advisory Date: 09 de września de 2015
DESCRIPTION
A vulnerability exists in Windows Media Center that could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.
Trend Micro researchers Aaron Luo, Kenney Lu, and Ziv Chang discovered this zero-day exploit, which also emerged from the Hacking Team leak.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.