This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to execute arbitrary code on vulnerable Windows Media Center. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Windows Media Center MCL files can specify a URL to be automatically loaded within Media Center. A specially crafted MCL file can trick Windows Media Center into rendering the very same MCL file as a local HTML file within the application's embedded web browser. This can be leveraged by an attacker to read and exfiltrate arbitrary files from a victim's local fileystem by convincing an unsuspecting user to open an MCL file.
- Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1