Description: This security update addresses a privately reported vulnerability in Windows Movie Maker and Microsoft Producer 2003. Windows Live Movie Maker, which is available for Windows Vista and Windows 7, is not affected by this vulnerability. The vulnerability could allow remote code execution if an attacker sent a specially crafted Movie Maker or Microsoft Producer project file and convinced the user to open the specially crafted file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The security update addresses the vulnerability by changing the way that Windows Movie Maker parses project files.

Update type: Important

Release date: March 9, 2010

Applies to: All versions

Knowledge base: support.microsoft.com/kb/975561

Download link: 32-bit | 64-bit
Comments:Here are the specifics on the vulnerabilities covered by this update:

• Windows Kernel Exception Handler Vulnerability – CVE-2010-0232
• Windows Kernel Double Free Vulnerability – CVE-2010-0233