Microsoft has made changes to Microsoft Windows Media Player to help with security when users visit social networking sites. These changes are introduced after you install security update 936782 (security bulletin MS07-047).
936782 MS07-047: Vulnerability in Windows Media Player could allow remote code execution
One change is that you must have Adobe Flash 9 installed to play Flash content through Windows Media Player. If Flash 9 is not installed, a dialog box that contains the following text prompts you to install Flash 9:
To play the selected item, you must install a later version of the Macromedia Flash Player. To download the Macromedia Flash Player, see the Macromedia Web site.
Additionally, after you install the security update, the following parameters are automatically passed to Flash to make Flash more secure when Windows Media Player hosts Flash content:
<param name="allowScriptAccess" value="never">
<param name="allowNetworking" value="internal">
However, you may want to override these default changes in Windows Media Player.
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 How to back up and restore the registry in Windows
Note By default, this new behavior is enabled. To disable this new behavior, follow these steps to change the registry to allow Flash content to use script from other domains:
Click Start, click Run, type regedit, and then click OK.
Locate and then click the following registry subkey:
On the Edit menu, point to New, and then click DWORD Value.
Type RestrictFlash, and then press ENTER.
Type 0 (zero) in the Value data area, click Decimal in the Base area, and then click OK.
Close Registry Editor.
Did this fix the problem?
Check whether the problem is fixed. If the problem is fixed, you are finished with this article. If the problem is not fixed, you can contact support.
fixit fix it update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000