A French security firm has warned that a flaw in Microsoft's Windows Media Player could be exploited by hackers.
The French Security Incident Response Team (FrSIRT) warned that an exploit code attacking the media player has been released into the wild. However, it said that users who had applied the latest round of patches from Microsoft should not be affected: patch MS06-006 repairs the flaw.
FrSIRT rated the vulnerability as "critical," while Microsoft graded it as "important." A bug in the Windows Media Player plug-in could be used to execute arbitrary commands, FrSIRT said.
The flaw is caused by a buffer overflow error that could allow a machine to be taken over if a user was tricked into visiting a specially-crafted website using a non-Microsoft Internet browser such as Netscape or Firefox, FrSIRT wrote in its advisory.