Feedback on Robert Keith's Blog Microsoft Patch Tuesday March 2010

QUOTE:
2. MS10-017 Vulnerability in Microsoft Movie Maker Could Allow Remote Code Execution (975561)
CVE-2010-0265 (BID 38515) Microsoft Windows Movie Maker and Producer '.mswmm' Buffer Overflow Vulnerability (MS Rating: Important / Symantec Urgency Rating 7.1/10)
A remote code-execution vulnerability affects Movie Maker and Microsoft Producer when processing specially crafted Movie Maker project files (‘.mswmm’). An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious Movie Maker project file with the affected application. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the currently logged-in user.
Affects: Microsoft Movie Maker 2.1, 2.6 and 6.0, and Microsoft Producer 2003
ENDQUOTE

Microsoft's MS10-017 and KB975561 article links for patches, hotfixes or fixits did not resolve or patch MovieMaker on my Windows 7 Professional 32-bit system, nor did WindowsUpdate find or offer any solutions to the MovieMaker vulnerability. WindowsUpdate has not installed any updates referring to MovieMaker or KB975561, and is up-to-date as of this moment.

The KB975561 patch downloaded without issue, but erroneously reports that MovieMaker is not installed. A related Microsoft Fix-It also reported that MovieMaker is not installed. In point of fact, MovieMaker is installed on this Windows 7 Professional Retail 32-bit Upgrade OS. The Fix-It patch recommended downloading and installing MovieMaker 2.6, then re-running the Fix-It tool. However, MovieMaker is included in Windows 7 Pro, and all Microsoft Downloads listings for MovieMaker 2.x (or 2.6) are for Vista or XP SP-x OSs.

Perhaps I am misreading the MS Security Bulletin and KnowledgeBase articles, but it seems that in this particular instance, the provided patches or fix-its leave the issue unresolved and the system vulnerable to this exploit. (?)