The Proof of Concept for the Microsoft Security Bulletin MS06-005: Vulnerability in Windows Media Player Could Allow Remote Code Execution that was released last Valentine’s day is now available in FrSIRT.
The vulnerability in Windows Meida Player exists because of the way it handles processing bitmap files. With the use of a constructed malicious bitmap file an attacker can exploit the said vulnerability with the use of a malicious website that a user can visit or through viewing a malicious e-mail message.
An attacker who successfully exploited this vulnerability could take complete control of an affected system but a significant interaction from users is required to succesfully exploit this vulnerability.
Microsoft’s information on the vulnerability can be found here and Trend Micro’s Information can be found here
