Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Is there a danger opening WMV files in XP?

Reply
Thread Tools

Is there a danger opening WMV files in XP?

 
 
Andy
Guest
Posts: n/a
 
      05-11-2006
Is there a danger opening WMV files in XP?

I sem to recall something about being taken to dangerous web sites or
getting unwanted code on my system or something like that.

I am running XP Pro/SP2.
 
Reply With Quote
 
 
 
 
Man-wai Chang
Guest
Posts: n/a
 
      05-11-2006
Andy wrote:
> Is there a danger opening WMV files in XP?
>
> I sem to recall something about being taken to dangerous web sites or
> getting unwanted code on my system or something like that.
>
> I am running XP Pro/SP2.


Not if you got the latest updates...

--
.~. Might, Courage, Vision, SINCERITY. http://www.linux-sxs.org
/ v \ Simplicity is Beauty! May the Force and Farce be with you!
/( _ )\ (Ubuntu 5.10) Linux 2.6.16.16
^ ^ 20:07:01 up 4:34 1 user load average: 1.00 1.04 1.01
news://news.3home.net news://news.hkpcug.org news://news.newsgroup.com.hk
 
Reply With Quote
 
 
 
 
Sebastian Gottschalk
Guest
Posts: n/a
 
      05-11-2006
Andy wrote:
> Is there a danger opening WMV files in XP?


Yes, if the files are ****ed up with DRM and you didn't properly remove
at least the DRM client components.

This will lead to two big problems:

1. A license aquistion dialogue will be opened, rendering HTML with the
IE engine. Hurray, free choice to use 50+ unpatched IE vulnerabilities.

2. A slient license aquistion might take place. This will install a
license for this file, including all relevant DRM mechanisms. One is
revokation. As an evil guy I would say "revoke after 1 second, delete
the license, the license's name is C:\mp3z\*.mp3".


There's also a possibility to include JavaScript code within a normal
WMV file, but actually running it is disabled by default.

> I sem to recall something about being taken to dangerous web sites or
> getting unwanted code on my system or something like that.


See above, this is usually a correct assumption.


BTW, would you please set a fup2 next time?
 
Reply With Quote
 
David H. Lipman
Guest
Posts: n/a
 
      05-11-2006
From: "Andy" <(E-Mail Removed)>

| Is there a danger opening WMV files in XP?

| I sem to recall something about being taken to dangerous web sites or
| getting unwanted code on my system or something like that.

| I am running XP Pro/SP2.

If the Media Player is properly patched -- No.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


 
Reply With Quote
 
Ludovic Joly
Guest
Posts: n/a
 
      05-11-2006

> Is there a danger opening WMV files in XP?


There is no danger if you open the files with Notepad. This simple
security procedure will defeat exploits targeting media players, and
also protect your soul from explicit content.

 
Reply With Quote
 
David H. Lipman
Guest
Posts: n/a
 
      05-11-2006
From: "Ludovic Joly" <(E-Mail Removed)>

|
>> Is there a danger opening WMV files in XP?

|
| There is no danger if you open the files with Notepad. This simple
| security procedure will defeat exploits targeting media players, and
| also protect your soul from explicit content.

That's funny

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


 
Reply With Quote
 
Frank Slootweg
Guest
Posts: n/a
 
      05-11-2006
Man-wai Chang <(E-Mail Removed)> wrote:
> Andy wrote:
> > Is there a danger opening WMV files in XP?
> >
> > I sem to recall something about being taken to dangerous web sites or
> > getting unwanted code on my system or something like that.
> >
> > I am running XP Pro/SP2.

>
> Not if you got the latest updates...


Note "got", not "*think* you got"! Lately *Automatic* Updates (the
automatic/icon/popup version) has been notorious in being days and even
weeks late compared to *Windows* Update (the browser version) [1], so
check with *Windows* Update that you have all the latest stuff.

[1] The Microsoft servers give priority to Windows Update over Automatic
Updates. Often Automatic Updates can *say* that there are updates
available for your computer, but not actually (fully) *download*, let
alone *install*, them until days/weeks later. For the gory details, see
the logs (in my case, XP Pro SP2, "Windows Update.log" and
"WindowsUpdate.log" (in C:\WINDOWS), especially the latter),
specifically the "DnldMgr * Update is not allowed to download due to
regulation." messages.
 
Reply With Quote
 
Leythos
Guest
Posts: n/a
 
      05-11-2006
In article <Xns97C078CF62DDF74C1H4@127.0.0.1>, http://www.velocityreviews.com/forums/(E-Mail Removed) says...
> Is there a danger opening WMV files in XP?
>
> I sem to recall something about being taken to dangerous web sites or
> getting unwanted code on my system or something like that.
>
> I am running XP Pro/SP2.


Opening any files you open "Can" present a danger, but the scope of the
threat can be limited.

Windows media player has had several exploits, as long as you patch your
system with all security updates, you will be as safe as possible at
that time - notice I didn't say you would be safe, I said safe AS
POSSIBLE.


--

(E-Mail Removed)
remove 999 in order to email me
 
Reply With Quote
 
Unruh
Guest
Posts: n/a
 
      05-11-2006
Leythos <(E-Mail Removed)> writes:

>In article <Xns97C078CF62DDF74C1H4@127.0.0.1>, (E-Mail Removed) says...
>> Is there a danger opening WMV files in XP?
>>
>> I sem to recall something about being taken to dangerous web sites or
>> getting unwanted code on my system or something like that.
>>
>> I am running XP Pro/SP2.


>Opening any files you open "Can" present a danger, but the scope of the
>threat can be limited.


>Windows media player has had several exploits, as long as you patch your
>system with all security updates, you will be as safe as possible at
>that time - notice I didn't say you would be safe, I said safe AS
>POSSIBLE.


YOu will be safer not opening them. So the question was as to the
comparative safety. There have been so many exploits, and the time between
the exploit being used and patched is some number of days ( lets say 10)
Thus, your safety if you patch is 10 days out of 365/Number of exploits per
year. Even with only one exploit a year, relying on patching gives you a
safety of only 3%-- ie you have a 3% chance of being hit if someone attacks
you once a year. If they attack you 30 times a year with the latest
exploit they have about 100% chance of getting in. Does that sound safe?o
Now if you never do anything that could trigger the exploit you will not be
broken into.
Ie, relying on patching to keep you safe is a rediculously insecure way of
behaving.
It is certainly necessary ( since y ou can raise those odds to 100% per
attempt if you never patch, and 3% is better than 100%) but should not even
be your 10th line of defence.


 
Reply With Quote
 
David H. Lipman
Guest
Posts: n/a
 
      05-11-2006
From: "Unruh" <(E-Mail Removed)>


|
| YOu will be safer not opening them. So the question was as to the
| comparative safety. There have been so many exploits, and the time between
| the exploit being used and patched is some number of days ( lets say 10)
| Thus, your safety if you patch is 10 days out of 365/Number of exploits per
| year. Even with only one exploit a year, relying on patching gives you a
| safety of only 3%-- ie you have a 3% chance of being hit if someone attacks
| you once a year. If they attack you 30 times a year with the latest
| exploit they have about 100% chance of getting in. Does that sound safe?o
| Now if you never do anything that could trigger the exploit you will not be
| broken into.
| Ie, relying on patching to keep you safe is a rediculously insecure way of
| behaving.
| It is certainly necessary ( since y ou can raise those odds to 100% per
| attempt if you never patch, and 3% is better than 100%) but should not even
| be your 10th line of defence.
|

Yeah but if you don't open the WMV, you don't see the video.

Live in fear, die in despair.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Is there any danger in opening spam? Matty F NZ Computing 34 11-07-2010 10:17 AM
DANGER DANGER THIRD DAY CPU FAN FAILURE DANGER DANGER Skybuck Flying Windows 64bit 9 04-01-2010 10:33 PM
Danger Danger Will Robinson Vista SP1 Lloyd Sheen ASP .Net 2 03-19-2008 05:58 PM
C++ danger to break due to its weight, fragmentation danger - C++0x Ioannis Vranos C++ 14 04-21-2004 12:19 AM
WMV files opening web-sites Stan Computer Support 0 08-24-2003 06:23 PM



Advertisments