Microsoft KB Archive/320920

= MS02-032: Windows Media Player Rollup Available =

Article ID: 320920

Article Last Modified on 10/26/2007

-

APPLIES TO


 * Microsoft Windows Media Player 6.4
 * Microsoft Windows Media Player 7.1
 * Microsoft Windows Media Player 8.01
 * Microsoft Windows Media Player 8.01

-



This article was previously published under Q320920



SYMPTOMS
On June 26, 2002, Microsoft released the original version of this update, which described the patch as being cumulative. Microsoft subsequently discovered that a file had been inadvertently omitted from the patch. Although the omission had no effect on the effectiveness of the patch against the new vulnerabilities that are discussed later in this article, the patch was not cumulative. Specifically, the original patch did not include all of the fixes that are discussed in Microsoft Security Bulletin MS01-056. Microsoft has repackaged the patch to include the missing file. Microsoft has now re-released the patch to make sure that it is cumulative.

If you applied the patch that was delivered in Microsoft Security Bulletin MS01-056 or the patch that was distributed with the original version of this article, you are fully protected against all known vulnerabilities in Windows Media Player and you do not have to take any action. Otherwise, Microsoft recommends that you apply the new version of the patch that is available later in this article.

Microsoft has released an update for Windows Media Player that includes the functionality of all of the previously released patches for Windows Media Player 6.4, 7.1, and Windows Media Player for Windows XP. The update also removes the following three newly discovered security vulnerabilities that are described in the following Microsoft Knowledge Base articles:

321678 MS02-032: Patch Available for Windows Media Player Cache Disclosure Vulnerability

321677 MS02-032: Patch Available for WMDM PMSP Service Vulnerability

321676 MS02-032: Patch Available for WMP Active Playlist Vulnerability

Additionally, this rollup contains the following fixes:

320926 The .wms Extension Is Removed from Windows Media Player

320944 How to Turn Off the Processing of HTML Scripts That Are Contained in Windows Media Files



RESOLUTION
Microsoft tested Windows Media Player 6.4, 7.1, and Windows Media Player for Windows XP to assess whether they are affected by this vulnerability. Previous versions, including version 7, are no longer supported, and may or may not be affected by these vulnerabilities.

Windows Media Player on Windows XP
To resolve this problem, obtain the latest service pack for Windows XP. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

322389 How to Obtain the Latest Windows XP Service Pack

Download Information
The following file is available for download from the Microsoft Download Center:

Download the Wm320920_8 package now

Release Date: July 24, 2002

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to Obtain Microsoft Support Files from Online Services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file. You must restart your computer after you apply this update. This update supports the following Setup switches:

/? - Display the list of installation switches.

/q - Quiet mode (no user intervention).

/q:u - Specifies user-quiet mode, which presents some dialog boxes to the user.

/q:a - Specifies administrator-quiet mode, which does not present any dialog boxes to the user.

/t:  - Specifies the temporary working folder.

/c - Extracts the files without running Setup when used with /t.

/c:  - Override the install command that was defined by the author.

/r:n - Never restarts the computer after installation.

/r:i - Restart if required. Automatically restarts the computer if it is necessary to complete installation.

/r:a - Always restarts the computer after installation.

/r:s - Restarts the computer after installation without prompting the user.

For example, the wm320920_8 /q:a /r:n command installs the update without any user intervention, and then it does not force the computer to restart.

NOTE: If the file or files that are being replaced are in use, the /r:n switch may be ignored.

WARNING: Your computer is vulnerable until you restart it.

File Information
The English version of this fix has the following file attributes or later:

  Date         Time   Version       Size       File name -  21-Sep-2001  15:39  6.4.09.1121     498,960  Dxmasf.dll 13-May-2002 14:23  6.4.09.1124     929,280  Msdxm.ocx 16-May-2002 19:09  8.00.00.4482    229,434  Unregmp2.exe 16-May-2002 19:09  8.00.00.4482  1,327,376  Wmpcore.dll 16-May-2002 19:09  8.00.00.4482    532,752  Wmplayer.exe NOTE: Because of file dependencies, this update may contain additional files.

Windows Media Player 7.1
A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that this article describes. Apply it only to systems that you determine are at risk of attack. Evaluate the computer's physical accessibility, network and Internet connectivity, and other factors to determine the degree of risk to the computer. See the associated Microsoft Security Bulletin to help determine the degree of risk. This hotfix may receive additional testing. If the computer is sufficiently at risk, we recommend that you apply this hotfix now.

To resolve this problem immediately, download the hotfix by following the instructions later in this article or contact Microsoft Product Support Services to obtain the hotfix. For a complete list of Microsoft Product Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

Note In special cases, charges that are ordinarily incurred for support calls may be canceled, if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

Download Information
The following file is available for download from the Microsoft Download Center:

Download the Wm320920_71 package now

Release Date: July 24, 2002

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to Obtain Microsoft Support Files from Online Services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file. You must restart your computer after you apply this update. This update supports the following setup switches:

/? - Display the list of installation switches.

/q - Quiet mode (no user intervention).

/q:u - Specifies user-quiet mode, which presents some dialog boxes to the user.

/q:a - Specifies administrator-quiet mode, which does not present any dialog boxes to the user.

/t:  -- Specifies the temporary working folder.

/c - Extracts the files without running Setup when used with /t.

/c:  - Override the install command that was defined by the author.

/r:n - Never restarts the computer after installation.

/r:i - Restart if required. Automatically restarts the computer if it is necessary to complete installation.

/r:a - Always restarts the computer after installation.

/r:s - Restarts the computer after installation without prompting the user.

For example, the wm320920_71 /q:a /r:n command installs the update without any user intervention, and then it does not force the computer to restart.

NOTE: If the file or files that are being replaced are in use, the /r:n switch may be ignored.

WARNING: Your computer is vulnerable until you restart it.

File Information
The English version of this fix has the following file attributes or later:

  Date         Time   Version      Size      File name    Operating system 13-Sep-2001 13:44  6.4.07.1121    498,448  Dxmasf.dll    Windows 98, Windows Me  13-May-2002  13:54  6.4.07.1124  1,676,800  Msdxm.ocx     Windows 98, Windows Me  21-Sep-2001  15:39 6.4.09.1121     498,960  Dxmasf.dll    Windows 2000 13-May-2002 14:23 6.4.09.1124     929,280  Msdxm.ocx     Windows 2000 16-May-2002 18:24 7.10.00.3068     57,344  Mspmspsv.exe  Windows 2000 16-May-2002 18:27 7.10.00.3068    217,088  Unregmp2.exe  All Windows 16-May-2002 18:27 7.10.00.3068    815,104  Wmpcore.dll   All Windows 16-May-2002 18:27 7.10.00.3068    348,160  Wmplayer.exe  All Windows

NOTE: Because of file dependencies, this update may contain additional files.

Windows Media Player 6.4
A supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that you determine are at risk of attack. Evaluate your computer's physical accessibility, network and Internet connectivity, and other factors to determine the degree of risk to your computer. See the associated Microsoft Security Bulletin to help determine the degree of risk. This fix may receive additional testing. If your computer is sufficiently at risk, Microsoft recommends that you apply this fix now.

To resolve this problem immediately, download the fix by clicking the download link later in this article or contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, please visit the following Microsoft Web site:

http://support.microsoft.com/default.aspx?scid=fh;EN-US;CNTACTMS

NOTE: In special cases, charges that are ordinarily incurred for support calls may be canceled, if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

Download Information
The following file is available for download from the Microsoft Download Center:

Download the Wm320920_64 package now

Release Date: July 24, 2002

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to Obtain Microsoft Support Files from Online Services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file. You must restart your computer after you apply this update. This update supports the following setup switches:

/? - Display the list of installation switches.

/q - Quiet mode (no user intervention).

/q:u - Specifies user-quiet mode, which presents some dialog boxes to the user.

/q:a - Specifies administrator-quiet mode, which does not present any dialog boxes to the user.

/t:  - Specifies the temporary working folder.

/c - Extracts the files without running Setup when used with /t.

/c:  - Override the install command that was defined by the author.

/r:n - Never restarts the computer after installation.

/r:i - Restart if required. Automatically restarts the computer if it is necessary to complete the installation.

/r:a - Always restarts the computer after the installation.

/r:s - Restarts the computer after installation without prompting the user.

For example, the wm320920_64 /q:a /r:n command installs the update without any user intervention, and then it does not force the computer to restart.

NOTE: If the file or files that are being replaced are in use, the /r:n switch may be ignored.

WARNING: Your computer is vulnerable until you restart it.

File Information
The English version of this fix has the following file attributes or later:

  Date         Time   Version      Size       File name   Operating system 13-Sep-2001 13:44  6.4.07.1121    498,448  Dxmasf.dll  Windows 95, Windows 98, Windows NT  13-May-2002  13:54  6.4.07.1124  1,676,800  Msdxm.ocx   Windows 95, Windows 98, Windows NT  21-Sep-2001  15:39  6.4.09.1121    498,960  Dxmasf.dll  Windows 2000 13-May-2002 14:23  6.4.09.1124    929,280  Msdxm.ocx   Windows 2000 NOTE: Because of file dependencies, this update may contain additional files.



STATUS
Microsoft has confirmed that this problem may result in some degree of security vulnerability in the versions of Windows Media Player that are listed earlier in this article. This problem was first corrected in Windows XP Service Pack 1.



MORE INFORMATION
For additional information about command-line switches, click the article number below to view the article in the Microsoft Knowledge Base:

197147 Common Command-Line Switches for Self-Installing Update Files

For more information about these vulnerabilities, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/bulletin/MS02-032.mspx

For more information about Windows Media Player, visit the following Microsoft Web site:

http://technet.microsoft.com/en-us/library/bb676148.aspx

Keywords: kbqfe kbdownload kbbug kbenv kbfix kbsecbulletin kbsechack kbsecurity kbsecvulnerability kbwinxpsp1fix KB320920

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.