Windows Media Player Fix 'Critical', Says Microsoft

Dennis Faas's picture

Patch Tuesday for January 2012 was released this week by Microsoft and includes seven updates designed to fix eight Windows security vulnerabilities.

One patch in particular fixes a serious Windows Media Player exploit. The flaw could allow a hacker to take remote control of a PC running Windows.

For those who don't follow Microsoft security news, Patch Tuesday refers to the second Tuesday of every month -- the day on which the Redmond-based firm normally releases a series of software updates intended to fix known problems in its various programs. The majority of patches are usually for Microsoft Windows.

Patch Tuesday updates download automatically through the Windows Update feature, though they are also available online for download from Microsoft's website.

Experts Warn Users to Update Systems Immediately

This month, Microsoft security bulletin MS12-004 is receiving the most attention from experts. The patch associated with the bulletin repairs a vulnerability in the way Windows Media Player plays sound and video files.

Without the patch, a knowledgeable hacker could remotely take control of a PC running Microsoft Windows. This flaw presents such a glaring security issue that Microsoft has said it expected hackers would exploit the flaw within the next thirty days or so.

Given the seriousness of the threat, experts advise that "it's important that Windows users treat MS12-004 with the utmost priority." (Source:

Other Fixes Deemed "Important"

There are other notable bulletins being made available this Patch Tuesday, including MS12-001, which addresses a flaw in the Microsoft C++ .Net compiler that would allow security protections to mysteriously become disabled.

"This seems like it could be a cause for concern, but as of yet, there isn't any evidence that shows attackers are taking advantage of the loophole," said security expert, Andrew Storms. (Source:

There's also MS12-005, which repairs a flaw in Microsoft Office that security guru Wolgang Kandek says could be used to plant malware on a PC. (Source:

All Versions of Windows Affected by Bulletins

There are several other bulletins released this Patch Tuesday, and together they're associated with all supported versions of Windows, including Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

However, only the Windows Media Player flaw has been designated "critical." The seven other bulletins are simply designated "important".

Rate this article: 
No votes yet