How can I disable changes in Windows Media Player that are introduced after I install security update 936782?
Microsoft has made changes to Microsoft Windows Media Player to help with security when users visit social networking sites. These changes are introduced after you install security update 936782 (security bulletin MS07-047).
936782 MS07-047: Vulnerability in Windows Media Player could allow remote code executionOne change is that you must have Adobe Flash 9 installed to play Flash content through Windows Media Player. If Flash 9 is not installed, a dialog box that contains the following text prompts you to install Flash 9:
To play the selected item, you must install a later version of the Macromedia Flash Player. To download the Macromedia Flash Player, see the Macromedia Web site.Additionally, after you install the security update, the following parameters are automatically passed to Flash to make Flash more secure when Windows Media Player hosts Flash content:
- <param name="allowScriptAccess" value="never">
- <param name="allowNetworking" value="internal">
To have us fix this problem for you, go to the Fix it for me section. If you’d rather fix this problem yourself, go to the Let me fix it myself section.
To fix this problem automatically, click the Fix this problemlink. Then click Runin the File Downloaddialog box, and follow the steps in this wizard.
Fix it for me
Note This wizard may be in English only; however, the automatic fix also works for other language versions of Windows.
Note If you are not on the computer that has the problem, you can save the automatic fix to a flash drive or to a CD, and then you can run it on the computer that has the problem.
After you run this wizard, go to the Did this fix the problem? section.
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
Let me fix it myself
322756 How to back up and restore the registry in WindowsNote By default, this new behavior is enabled. To disable this new behavior, follow these steps to change the registry to allow Flash content to use script from other domains:
- Click Start, click Run, type regedit, and then click OK.
- Locate and then click the following registry subkey: HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Preferences
- On the Edit menu, point to New, and then click DWORD Value.
- Type RestrictFlash, and then press ENTER.
- Double-click RestrictFlash.
- Type 0 (zero) in the Value data area, click Decimal in the Base area, and then click OK.
- Close Registry Editor.
Check whether the problem is fixed. If the problem is fixed, you are finished with this article. If the problem is not fixed, you can contact support.
Did this fix the problem?
fixit fix it update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000
Article ID: 940893 - Last Review: 07/01/2010 04:04:00 - Revision: 3.0
Windows Media Player 11, Windows Media Player 10, Microsoft Windows Media Player 9 Series, Microsoft Security Essentials
- kbmsifixme kbfixme kbhowto kbexpertiseadvanced kbexpertisebeginner kbqfe kbsecurity kbsecbulletin kbsecvulnerability kbbug kbfix KB940893