This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Windows Media Player opens specially crafted media content that is hosted on a malicious website. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This security update is rated Critical for Windows Media Player 10 when installed on Windows Server 2003, Windows Media Player 11 when installed on Windows Vista or Windows Server 2008, and Windows Media Player 12 when installed on Windows 7 or Windows Server 2008 R2. For more information, see the Affected Software section.
The security update addresses the vulnerability by correcting how Windows Media Player handles DataObjects. For more information about the vulnerability, see the Vulnerability Information section.
The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see Microsoft Support Lifecycle.
*The Updates Replaced column shows only the latest update in a chain of superseded updates. For a comprehensive list of updates replaced, go to the Microsoft Update Catalog, search for the update KB number, and then view update details (updates replaced information is on the Package Details tab).
The following severity ratings assume the potential maximum impact of the vulnerability. For information regarding the likelihood, within 30 days of this security bulletin's release, of the exploitability of the vulnerability in relation to its severity rating and security impact, please see the Exploitability Index in the June bulletin summary.
A remote code execution vulnerability exists in the way that Windows Media Player handles specially crafted DataObjects. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
To exploit this vulnerability a user must open a specially crafted DataObject in Windows Media Player. The security update addresses the vulnerability by correcting how Windows Media Player handles DataObjects.
Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was originally issued Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers.
Remove wmplayer.exe from the Internet Explorer ElevationPolicy
Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.
In a web-based attack scenario, an attacker would have to host a specially crafted DataObject that is used to attempt to exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted website. Instead, an attacker would have to convince them to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's site.
Windows Media Player (WMP, officially referred to as Windows Media Player Legacy to distinguish it from the new Windows Media Player introduced with Windows 11) is the first media player and media library application that Microsoft developed to play audio and video on personal computers. It has been a component of the Microsoft Windows operating system, including Windows 9x, Windows NT, Pocket PC, and Windows Mobile. Microsoft also released editions of Windows Media Player for classic Mac OS, Mac OS X, and Solaris, but has since discontinued them.
In addition to being a media player, the app can rip audio files from compact discs, burn Audio CDs or MP3 CDs, synchronize content with a digital audio player or mobile devices, and stream media over the local network. Originally, it could connect to a number of online music stores, allowing its users to purchase digital music. The default file formats are Windows Media Video (WMV), Windows Media Audio (WMA), and Advanced Systems Format (ASF), and its own XML-based playlist format called Windows Playlist (WPL). The player is also able to utilize a digital rights management service in the form of Windows Media DRM.
Windows Media Player is a unique component, in that since 1999, each version of Windows came with two or more versions of it side-by-side. For example, Media Player versions 5.1, 6.4, and 8 were all included in Windows XP. Each version of Windows may bundle several other media playback apps, namely ActiveMovie Control, CD Player, DVD Player, Windows Media Center, and Microsoft Movies & TV.
Windows Media Player 11 is the last out-of-band version of Media Player. It was made available for Windows XP and is included in Windows Vista and Windows Server 2008. Version 12 was released in 2009 along with Windows 7[b] and has not been made available for previous versions of Windows, nor has it been updated since.[2][3] Windows 8 bundled Windows Media Player 12 alongside two other media player apps, namely Xbox Video and Xbox Music. The latter was renamed Groove Music in Windows 10, and then finally Media Player in Windows 11,[4] which has also been backported to Windows 10.[5]
The first version of Windows Media Player appeared in 1991, when Windows 3.0 with Multimedia Extensions was released.[6] Originally called Media Player, this component was included with "Multimedia PC"-compatible machines but not available for retail sale. It was capable of playing .mmm animation files, and could be extended to support other formats.[7] It used MCI to handle media files. Being a component of Windows, Media Player shows the same version number as that of the version of Windows with which it was included.
Microsoft continually produced new programs to play media files. In November of the following year, Video for Windows was introduced with the ability to play digital video files in an AVI container format,[8] with codec support for RLE and Video1, and support for playing uncompressed files. Indeo 3.2 was added in a later release. Video for Windows was first available as a free add-on to Windows 3.1, and later integrated into Windows 95 and Windows NT 4.0. In 1995, Microsoft released ActiveMovie with DirectX Media SDK. ActiveMovie incorporates a new way of dealing with media files, and adds support for streaming media (which the original Media Player could not handle). In 1996, ActiveMovie was renamed DirectShow.[9] However, Media Player continued to come with Windows until Windows XP, in which it was officially renamed Windows Media Player v5.1.[10] ("v5.1" is the version number of Windows XP).
In 1999, Windows Media Player's versioning broke away from that of Windows itself. Windows Media Player 6.4 came as an out-of-band update for Windows 95-98 and Windows NT 4.0 that co-existed with Media Player and became a built-in component of Windows 2000, Windows ME, and Windows XP, with an mplayer2.exe stub that allowed this built-in version to be used instead of newer versions.[11] Windows Media Player 7.0 and its successors also came in the same fashion, replacing each other but leaving Media Player and Windows Media Player 6.4 intact. Windows XP is the only operating system to have three different versions of Windows Media Player (v5.1, v6.4, and v8) side by side. All versions branded Windows Media Player (instead of simply Media Player) support DirectShow codecs. Windows Media Player version 7 was a large revamp, with a new user interface, visualizations and increased functionality. Windows Vista, however, dropped older versions of Windows Media Player in favor of v11, which included the removal of the Windows Media Source Filter (DirectShow codec).
In 2004, Microsoft launched the digital music store MSN Music for the new Windows Media Player 10 to compete with Apple iTunes.[12][13] However, MSN Music was already discontinued in 2006 with the launch of Zune music players.[14]
Beginning with Windows Vista, Windows Media Player supports the Media Foundation framework besides DirectShow; as such it plays certain types of media using Media Foundation as well as some types of media using DirectShow.[15] Windows Media Player 12 was released with Windows 7. It included support for more media formats and added new features. With Windows 8, however, the player did not receive an upgrade.