<< Back
CVE Number Vulnerability Product Severity Date
MS10-018 Cumulative Security Update for Internet Explorer (980182) Windows Movie Critical 10-03-2010

Technical Information

Brief overview of the risk:
The vulnerability could allow remote code execution if an attacker sent a specially crafted Movie Maker or Microsoft Producer project file and convinced the user to open the specially crafted file.
Detailed Information on the risk:

A remote code execution vulnerability exists in the way that Windows Movie Maker and Microsoft Producer 2003 handle specially crafted project files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.


Further information on this exploit is available at : MS10-016

Affected Software

Windows Movie Maker 2.1 (Windows XP Service Pack 3)
Windows Movie Maker 2.6 (Windows Vista x64 Edition Service Pack 1)
Windows Movie Maker 2.6 (Windows Vista x64 Edition Service Pack 2)
Windows Movie Maker 2.6 (Windows 7 for 32-bit Systems)
Windows Movie Maker 2.6 (Windows 7 for x64-based Systems)
Windows Movie Maker 2.6 (Windows Vista Service Pack 1)
Windows Movie Maker 2.6 (Windows Vista Service Pack 2)
Windows Movie Maker 2.6 (Windows Vista x64 Edition)
Windows Movie Maker 2.6 (Windows Vista)
Windows Movie Maker 6.0 (Windows Vista Service Pack 1)
Windows Movie Maker 6.0 (Windows Vista Service Pack 2)
Windows Movie Maker 6.0 (Windows Vista x64 Edition Service Pack 1)
Windows Movie Maker 6.0 (Windows Vista x64 Edition Service Pack 2)
Windows Movie Maker 6.0 (Windows Vista x64 Edition)
Windows Movie Maker 6.0 (Windows Vista)