Matthew Watchinski

**Name of the Vulnerable Software and Affected Versions** Windows Media codecs versions in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 **Description** A remote code execution issue exists due to improper handling of crafted media content with MPEG-4 video encoding. This could allow code execution if a user opens a specially crafted media file. An attacker who successfully exploits this issue could take complete control of an affected system, allowing them to install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with fewer user rights on the system. **Recommendations** For Windows XP SP2 and SP3, update to address the issue. For Server 2003 SP2, apply the necessary patch to resolve the vulnerability. For Vista SP1 and SP2, install the available update to fix the issue. For Server 2008 Gold and SP2, apply the required patch to mitigate the risk.

Name of the Vulnerable Software and Affected Versions: Adobe Reader versions 7.0.0 through 7.1.2 Adobe Reader versions 8.0.0 through 8.1.5 Adobe Reader versions 9.0.0 through 9.1.1 Adobe Acrobat versions 7.0.0 through 7.1.2 Adobe Acrobat versions 8.0.0 through 8.1.5 Adobe Acrobat versions 9.0.0 through 9.1.1 Description: The issue might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption. Recommendations: For Adobe Reader versions 7.0.0 through 7.1.2, update to version 7.1.3 or later. For Adobe Reader versions 8.0.0 through 8.1.5, update to version 8.1.6 or later. For Adobe Reader versions 9.0.0 through 9.1.1, update to version 9.1.2 or later. For Adobe Acrobat versions 7.0.0 through 7.1.2, update to version 7.1.3 or later. For Adobe Acrobat versions 8.0.0 through 8.1.5, update to version 8.1.6 or later. For Adobe Acrobat versions 9.0.0 through 9.1.1, update to version 9.1.2 or later.