Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Critical Update for Windows Media Player (All Versions)

Feb 10, 2004 10:35AM PST

Update for Windows Media Player URL Script Command Behavior

SUMMARY
Microsoft has released an update to the versions of Microsoft Windows Media Player that are listed in the "Applies to" section of this article. Microsoft recommends that you install this update so that you can more easily manage the behavior of embedded URL script commands in Windows Media audio and video (.asf) files and streams. This article describes the new functionality that is supported by this update and describes how to obtain the update.

The information in this article applies to:
Microsoft Windows Media Player 9 Series for Windows XP
Microsoft Windows Media Player 9 Series for Windows 2000
Microsoft Windows Media Player 9 Series for Windows Millennium Edition
Microsoft Windows Media Player 9 Series for Windows Server 2003
Microsoft Windows Media Player for Windows XP Home Edition
Microsoft Windows Media Player for Windows XP Professional
Microsoft Windows Media Player 7.1
Microsoft Windows Media Player 6.4

Date Published: 2/10/2004

http://support.microsoft.com/default.aspx?scid=kb;en-us;828026

Discussion is locked

- Collapse -
Re:Re:Critical Update for Windows Media Player (All Versions)
Feb 11, 2004 9:43PM PST

I downloaded to disk but am waiting also. Sure would like an explanation from Microsoft and instructions on how to install for those who have the previous version. This is a strange indeed! Sad Seems each user is left to fish for themselves.

Glenn

- Collapse -
May I suggest everyone send a comment to MS asking what
Feb 12, 2004 12:45AM PST

are their instructions since this Critical Update is not in the Windows Update for those that have the October 2003 version of 828026. Just click on up in the top right corner (Provide us with feedback on this article} at http://support.microsoft.com/default.aspx?scid=kb;en-us;828026

I sent one yesterday but apparently the diaper...err dapper kid at that station hasn't read or knows not what to do.

- Collapse -
(NT) Task done! :)
Feb 12, 2004 1:04AM PST
Wink
- Collapse -
Re:Re:Critical Update for Windows Media Player (All Versions)
Feb 13, 2004 6:25AM PST

I have the same WinXP and WMP versions as you do, Walt. However, I decided to download AND install the WMP security update anyway from a site which I received from Microsoft Security Update department via email. (Going directly to WU, however, I did not see this new WMP update listed as a critical update.)

After I installed the update, I checked my Computer File Summary on Belarc Advisor and found two distinct entries WM828026 and Q828026, which indicates they are not the same WMP updates; otherwise, IMHO it would not have listed them separately.

- Collapse -
Re:Re:Re:Critical Update for Windows Media Player (All Versions)
Feb 13, 2004 11:31AM PST
After I installed the update, I checked my Computer File Summary on Belarc Advisor and found two distinct entries WM828026 and Q828026, which indicates they are not the same WMP updates; otherwise, IMHO it would not have listed them separately.

Hi Harv,
I'm curious on what Belarc will show here after reading your post so I launched Belarc and it found 3 entries: Q828026, WM828026 both under WMP then Q828026 on 12/25/2003 under SP0. 3 entries has green check mark.

Aida32>Software>Windows Update - found 3 entries too.
Aida32>Software>Installed Programs - 1 entry only
Add/Remove Programs via Control Panel showed 1 entry only.

The Q828026.log (located in C:\Windows) has this installation info for 828026:
-12/26/2003 at 5:27: 0
-2004/02/11 11:02:37.282

Question: Does your Add/Remove Programs showed 1 entry too? just curious.
- Collapse -
Re:Re:Re:Re:Critical Update for Windows Media Player (All Versions)
Feb 13, 2004 5:05PM PST

Yes, there is only one entry in Add or Remove Programs listed under Windows Media Player Hotfix (WM828026).

I actually had three entries for it listed in Belarc Advisor, as you did. However, I thought it was a bit curious to have two different WMP security fixes listed with the same number: Q828026 and WM828026. Microsoft seems to have set a (bad) precedent by using the same numbers to represent two separate updates.

- Collapse -
Re:Re:Re:Re:Re:Critical Update for Windows Media Player (All Versions)
Feb 13, 2004 5:46PM PST
I actually had three entries for it listed in Belarc Advisor, as you did.
Cool! I mean... at least I'm not alone seeing 3 entries hehehe

I don't want to investigate further on how on earth Belarc and Aida found 3 entries. I'll keep this KB828026 (released Feb. 10, '04) as installed. Anyway, I don't see problem and keeps me confident that system is really up-to-date. U know, even AV or AT authors recommends to make sure our system has all the patches and updates Grin

Thanks again Harv.
- Collapse -
Re:Critical Update for Windows Media Player (All Versions)
Feb 13, 2004 8:11PM PST

I have Win XP Home Edition and WMP 9 Series version 9.00.00.2980. My Add/Remove does NOT should ANY WMP hotfixes and there's NO 828026 hotfix period. I see a KB828028 hotfix.

- Collapse -
Re:Re:Critical Update for Windows Media Player (All Versions)
Feb 14, 2004 2:59AM PST

As per the MSKB article, the 828026 (Feb 10, 2004) applies only to the following:

Microsoft Windows Media Player 9 Series for Windows XP
Microsoft Windows Media Player 9 Series for Windows 2000
Microsoft Windows Media Player 9 Series for Windows Millennium Edition
Microsoft Windows Media Player 9 Series for Windows Server 2003
Microsoft Windows Media Player for Windows XP Home Edition
Microsoft Windows Media Player for Windows XP Professional
Microsoft Windows Media Player 7.1
Microsoft Windows Media Player 6.4

Walt, you have Windows XP home Edition which is listed in the above. Microsoft made the update available for download and install. It's up to every user whether they want to have a patched or updated or up-to-date system or programs. What Microsoft and other authors are recommending is to make sure we have critical updates installed. For unknown reason (to us), WU didn't list this 828026 in WU ... not a biggy to me as I can download and install it manually. If you decide not to install this latest 828026.. its your PC. I just hope that you aren't missing other important or critical updates.

I do visit Windows Update to check for updates. It missed a lot of updates and learned only that I am missing more than 10 updates after running a free webscan offered by http://www.pedestalsoftware.com/products/se/downloads/webscan/
Many regulars in this forum tried this free webscan and most of them are surprised to see that they are missing updates because we only rely on Windows Update or Office Update pages. You can view the discussion (started by LarryD in Computer newbies) entitled Read this if you use Windows Update (also if you don't).

Hope the above helps.

- Collapse -
FIX: Some URL script commands do not work after you apply the Windows Media update from Knowledge Base article 828026
Feb 12, 2004 11:36AM PST

Just found this FIX:

Notice
SYMPTOMS
After you apply the hotfix in Knowledge Base article 828026, some URL script commands do not work as expected.

The update in this article also discusses an issue with the installer that can cause 100% CPU utilization in certain scenarios.

CAUSE
This problem occurs because of the following issues:
Content that was played back by a protocol other than HTTP was detected as originating in the Internet zone. Sometimes, this content should have been detected as originating in a more trusted zone.
URL script commands that were referenced by only a relative URL detected the URL script command as originating in the restricted zone. Sometimes, these script commands should have been detected as originating in a more trusted zone.
The SeDebugPrivilege user right has been revoked from all users and all groups, including administrators. This situation causes the installation process to use all CPU resources.

http://support.microsoft.com/default.aspx?scid=kb;;832353

- Collapse -
Re:FIX: Some URL script commands do not work after you apply the Windows Media update from Knowledge Base article 828026
Feb 12, 2004 8:36PM PST
- Collapse -
Totally confused and more than a little unhappy! :(
Feb 12, 2004 10:11PM PST

Walt, I do not know about you but I am so confused by all of this that I feel like removing KB828026. It looks like patch, patch is all we can do. Like you I have the original Oct 2003 Critical Update and have the foggiest idea if, when or how to install the 2nd recent version. Now this KB832353 patch to patch the patch only confuses things further.

It does appear that Microsoft could issue some clarification because of all their patches and the resulting confusion. As of now I am sticking with the original KB832353 pending some clarification. Windows Media Player is not all that important to me so it may be just as well to remove the entire bad apple.

Thanks for the post and like you I am looking for answers.

Sad

Glenn

- Collapse -
Sorry about the error...
Feb 12, 2004 11:32PM PST

"I am sticking with the original KB832353"

That should read KB828026... so you see I am really confused!!

Confused

Glenn

- Collapse -
Re:Re:FIX: Some URL script commands do not work after you apply the Windows Media update from Knowledge Base article 828026
Feb 12, 2004 11:17PM PST
For those who did NOT apply the previous fix, 828026, could we SKIP applying that patch and go straight to the new one you listed here?

Take note of the dates it was published:

Windows Media Player (All Versions) for Windows 2000, Windows XP, and Windows Server 2003 (KB832353) - released Date Published: 12/16/2003 (Windows NT)
Windows Media Player 6.4 for Microsoft Windows NT 4.0 Server (KB832353) - same published date as above.

The above 832353 fix is a fix for the last years' KB828026 which was published Oct. 3, 2003 not a fix to the KB828026 that was released 3 days ago.

Critical update that I posted is the lastest because it was published Feb. 10, 2004

Hope this helps.

Happy
Donna
- Collapse -
(NT) The date I see is: Last Reviewed: 2/9/2004 (2.0)
Feb 13, 2004 12:03AM PST

.

- Collapse -
Re:(NT) The date I see is: Last Reviewed: 2/9/2004 (2.0)
Feb 13, 2004 12:39AM PST

Yes M. I noticed that Feb 9 date as last reviewed but the published date of the file is Dec. 16, 2003 and no revision or changelog history for Feb. 9.

HTH

Donna Happy

- Collapse -
Fix for Fix???
Feb 13, 2004 12:47AM PST
- Collapse -
Re:Fix for Fix???
Feb 13, 2004 1:00AM PST
Why not just use this one?
If this fix is a fix to the current 828026 (Feb. 10, 2004) and not the old 828026 (Oct 2003) update , I think you can go ahead and get it if you have the 828026 and experiencing all or any the following:

1. Content that was played back by a protocol other than HTTP was detected as originating in the Internet zone. Sometimes, this content should have been detected as originating in a more trusted zone.
2. URL script commands that were referenced by only a relative URL detected the URL script command as originating in the restricted zone. Sometimes, these script commands should have been detected as originating in a more trusted zone.
3. The SeDebugPrivilege user right has been revoked from all users and all groups, including administrators. This situation causes the installation process to use all CPU resources.

MS wrote in that article that "The update in this article also discusses an issue with the installer that can cause 100% CPU utilization in certain scenarios."
Take note "in certain scenarios". So far I have not see 100% CPU utilization so I may pass this 832353 fix if it's a fix for 828026 (Feb. 10).

Donna Happy
- Collapse -
Donna, my understanding form your chronology...
Feb 13, 2004 1:16AM PST

I now have the HotFix 828026 of Oct 2003.

If I understand correctly I plan to:

1. Install the Dec 2003 KB832353
2. Install the recent Q828026

Please let me know if my chronology and methods are at vairance with your understanding. Thanks for hanging-in and putting up with all of us.

Happy

Glenn

- Collapse -
Re:Donna, my understanding form your chronology...
Feb 13, 2004 1:39AM PST

Hi Glenn,

I can't confirm if that it is the way it should be done because I'm not sure if the KB832353 is a fix for 828026 (Feb. 10, 2004).

You can only install the 832353 if you are experiencing 100% CPU utilization and other symptoms. If your old 828026 doesn't cause those then you should skip 832353 fix.

The important to install is the latest 828026 (Feb. 10, 2004) because it is a critical update. Maybe if there is a 100% CPU issue in your system after installing the new 828026 then the 832353 is the answer.

Hope this helps Glenn.

Thanks for hanging-in and putting up with all of us
You're welcome Glenn Happy

- Collapse -
Gulp!! Abbott & Costello are still alive on "Who's on First" and working at MS. (NT)
Feb 13, 2004 1:29AM PST

.

- Collapse -
More confusing?? Article today in PC World
Feb 13, 2004 2:14AM PST

Microsoft Security Patch for Windows Media Player 6.4 and 7

The .ASX Buffer Overrun and .WMS Script Execution vulnerabilities allow a malicious user to send a damaging file to another user (who suffers damage upon running or previewing the file). The same vulnerabilities allow the malicious user to host such a file on a Web site and cause it to launch automatically whenever another user visits the site. Through the .ASX Buffer Overrun vulnerability, the malicious user can take any action on a machine that the system's legitimate user can take. The .WMS Script Execution vulnerability, meanwhile, executes ActiveX controls, including those not marked as "safe for scripting." Note: This link will take you to Microsoft's site, where you can download the patch.

http://www.pcworld.com/downloads/file_download/0,fid,8027,fileidx,1,00.asp

http://www.pcworld.com/downloads/file_description/0,fid,8027,00.asp

- Collapse -
Re:More confusing?? Article today in PC World
Feb 13, 2004 2:54AM PST

?? That was added Jan 2001 by PC World ??

The MS Bulletin MS00-090 which was originally published by MS on November 22, 2000 and it is not patching the URL script commands or changing the file versions of what 828026 has changed. This bulletin in PC World is to fix "Skins File Download Vulnerability" in WMP.

?

- Collapse -
NOPE - FEBRUARY 13, 2004
Feb 13, 2004 3:04AM PST
- Collapse -
Re:NOPE - FEBRUARY 13, 2004
Feb 13, 2004 11:35AM PST
- Collapse -
(NT) I gave up - will wait until WU has it as "critical" :)
Feb 13, 2004 11:45AM PST

.