MS10-094: Vulnerability in Windows Media Encoder could allow remote code execution

Support for Windows XP has ended

Microsoft ended support for Windows XP on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Windows Vista Service Pack 1 (SP1) ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 (SP2). For more information, refer to this Microsoft web page: Support is ending for some versions of Windows.
INTRODUCTION
Microsoft has released security bulletin MS10-094. To view the complete security bulletin, visit one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:Virus Solution and Security Center

Local support according to your country: International Support

FILE INFORMATION
  The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

For x86-based versions of Windows Media Encoder 

File nameFile versionFile sizeDateTimePlatform
Custdll.dllNot Applicable11,26426-Jun-200817:10x86
Wmdevctl.dll9.0.0.3374173,05622-Oct-201006:14x86
Wmenc.exe9.0.0.3374647,68022-Oct-201006:04x86
Wmencagt.exe9.0.0.337451,20022-Oct-201006:04x86
Wmenceng.dll9.0.0.33741,560,57622-Oct-201006:14x86
Wmex.dll9.0.0.3374949,76022-Oct-201006:14x86

For x86-based versions of Windows Media Encoder that are installed on supported 64-bit operating systems

File nameFile versionFile sizeDateTimePlatform
Custdll.dllNot Applicable17,40826-Jun-200817:15x64
Wmdevctl.dll9.0.0.3374173,05622-Oct-201006:14x86
Wmenc.exe9.0.0.3374647,68022-Oct-201006:04x86
Wmencagt.exe9.0.0.337451,20022-Oct-201006:04x86
Wmenceng.dll9.0.0.33741,560,57622-Oct-201006:14x86
Wmex.dll9.0.0.3374949,76022-Oct-201006:14x86

For x64-based versions of Windows Media Encoder that are installed on supported 64-bit operating systems

File nameFile versionFile sizeDateTimePlatform
Custdll.dllNot Applicable17,40826-Jun-200817:15x64
Wmdevctl.dll10.0.0.3822273,40822-Oct-201004:59x64
Wmenc.exe10.0.0.38221,262,59222-Oct-201004:58x64
Wmencagt.exe10.0.0.382262,46422-Oct-201004:54x64
Wmenceng.dll10.0.0.38222,812,92822-Oct-201004:59x64
Wmex.dll10.0.0.38222,194,43222-Oct-201004:59x64
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 2447961 - Last Review: 05/11/2012 22:01:00 - Revision: 2.0

Windows Server 2008 Service Pack 2, Windows Server 2008 Datacenter, Windows Server 2008 Enterprise, Windows Server 2008 Standard, Windows Web Server 2008, Windows Vista Service Pack 2, Windows Vista Service Pack 1, Microsoft Windows Server 2003 Service Pack 2, Microsoft Windows XP Service Pack 3

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB2447961
Feedback