Microsoft Windows Media Center Remote Code Execution Vulnerability (CVE-2015-2509)

2016年4月6日

风险等级: 緊急

CVE标识符: : CVE-2015-2509

建议日期 : 2015年9月9日

描述

A vulnerability exists in Windows Media Center that could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.

Trend Micro researchers Aaron Luo, Kenney Lu, and Ziv Chang discovered this zero-day exploit, which also emerged from the Hacking Team leak.

保护信息

Apply associated Trend Micro DPI Rules.

解决方案

补丁: https://technet.microsoft.com/library/security/ms15-100