Windows Media Player found to have security holes
The .WMS Script Execution flaw affects Windows Media Player version 7, which is included by default in Microsoft's Windows Millennium Edition operating system. WMP7 includes a feature called "skins" that allows users to customize the program's visual interface. However, a custom skin .wms file could also include script that could execute if Windows Media Player was run and the user had selected the skin that included the script. A malicious script would be able to execute ActiveX controls, including ones not marked safe for scripting as well as enable the code to take any action that can be accomplished via an ActiveX control. The .ASX Buffer Overrun flaw exploits WMP7's use of Active Stream Redirector (.asx) files to enable users to play streaming media residing on intranet or Internet sites.. The code that parses .asx files has an unchecked buffer. This means a malicious user could run any code on the PC of another user. Download the patch via Shareware Music Machine. | 
