Intrusion Prevention

MS.Windows.Media.Center.Insecure.Library.Loading

Description

This indicates an attempt to exploit a remote Code Execution vulnerability in Windows Media Center.
The vulnerability is in a COM server that Windows loads as a shell extension. It could potentially load and execute an attacker's DLL, if the attacker were to lure a victim to open a malicious DLL file from a WebDAV, SMB share, or local disk.

Affected Products

Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
Windows Media Center TV Pack for Windows Vista (32-bit editions)
Windows Media Center TV Pack for Windows Vista (64-bit editions)

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
Windows Vista Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=44f7f10b-86ff-470f-996a-d4aa51c4d18f
Windows Vista x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=cbb66cd7-2688-410f-8a03-fd28e6ef5b01
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=76fcf0ec-9062-4090-acb2-401355341a2b
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=78c099b7-4bcb-4da7-8967-512c6541c541
Windows Media Center TV Pack for Windows Vista (32-bit editions)
http://www.microsoft.com/downloads/details.aspx?familyid=60e50f72-4001-423c-831c-8ff1f1b8f090
Windows Media Center TV Pack for Windows Vista (64-bit editions)
http://www.microsoft.com/downloads/details.aspx?familyid=371c7dab-5aa6-4502-80ee-ae69b736b972

CVE References

CVE-2011-2009