Earlier today, we encountered a malware that exploits a recently (and publicly) disclosed vulnerability, the MIDI Remote Code Execution Vulnerability (CVE-2012-0003). The said vulnerability is triggered when Windows Multimedia Library in Windows Media Player (WMP) fails to handle a specially crafted MIDI file, consequently allowing remote attackers to execute arbitrary code. In the attack that we found, [...]
Post from: TrendLabs | Malware Blog - by Trend Micro
Malware Leveraging MIDI Remote Code Execution Vulnerability Found