PT-2008-4441 · Microsoft · Windows Media Services+2

Published: 2008-12-10 · Updated: 2023-12-07 · CVE-2008-3009

CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Microsoft Windows Media Player version 6.4
Windows Media Format Runtime versions 7.1 through 11
Windows Media Services versions 4.1, 9, and 2008

Description

The issue arises from improper use of the Service Principal Name (SPN) identifier when validating replies to authentication requests. This allows remote servers to execute arbitrary code via vectors that employ NTLM credential reflection.

Recommendations

For Microsoft Windows Media Player version 6.4, update to a version that properly validates SPN identifiers.
For Windows Media Format Runtime versions 7.1 through 11, apply configuration changes to correctly use SPN identifiers.
For Windows Media Services versions 4.1, 9, and 2008, restrict access to authentication requests to prevent NTLM credential reflection.

Related Identifiers

CVE-2008-3009

Affected Products

Windows Media Format Runtime
Windows Media Player
Windows Media Services