CVE-2012-0003 Exploited in the Wild
Posted by Shane Garrett on January 26, 2012 at 4:09 PM EST.
If for whatever reason you haven’t applied the critical January 2012 security update from Microsoft, now you really need to. Live web based exploitation of the vulnerability we found for handling MIDI in Windows Multimedia Library was reported by Trend Micro.
CVE-2012-0003 was disclosed by me, Shane G, of X-Force Research and addressed in the critical severity bulletin MS12-004 which was released as part of the this month’s Microsoft monthly security update. Additional details, including IDS protection for our customers, can be found in our advisory.
In addition to the appearance of live exploitation, detailed discussion of the vulnerability details and methods of exploitation have been seen. The relatively low complexity of locating the vulnerability will doubtlessly lead to more malware targeting it. As a further warning, another update this month, MS12-002 addressed a low complexity vulnerability that is likely to see exploitation for code execution.