CVE-2009-1546

Name of the Vulnerable Software and Affected Versions: Windows 2000 SP4 Windows XP SP2 Windows XP SP3 Windows Server 2003 SP2 Windows Vista Gold Windows Vista SP1 Windows Vista SP2 Windows Server 2008 Gold Windows Server 2008 SP2

Description: A remote code execution issue exists in the way Microsoft Windows handles specially crafted AVI format files. This could allow code execution if a user opened a specially crafted AVI file. If a user is logged on with administrative user rights, an attacker who successfully exploited this issue could take complete control of an affected system, allowing them to install programs, view, change, or delete data, or create new accounts with full user rights. The Avifil32.dll is involved in this issue, specifically due to an integer overflow in the Windows Media file handling functionality.

Recommendations: For Windows 2000 SP4, update to a newer version to mitigate the risk. For Windows XP SP2 and SP3, consider restricting access to AVI files until a patch is available. For Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2, avoid opening specially crafted AVI files until the issue is resolved. As a temporary workaround, consider disabling the handling of AVI files in Windows Media until a patch is available.