Microsoft has gone on record to rebuff an alleged vulnerability in Windows Media Player that could facilitate remote code execution. The company said that
it found all such reports regarding a WMP vulnerability to be false
The reports of the vulnerability first surfaced after researcher Laurent Gaffie detailed the alleged threat and furnished the proof-of-concept code to make his case. Gaffie’s decision to go public with his findings without informing Microsoft hasn’t gone down well with the company.
After investigating the claims Microsoft acknowledged, in a blog post, that the proof-of-concept code does force WMP to crash but it can not be used for remote code execution.