Microsoft issued Security Bulletin MS12-004, which is a Critical patch affecting Windows Media – Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391).
This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opens a specially crafted media file. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This security update is rated Critical for all supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008; and Important for all supported editions of Windows Media Center TV Pack for Windows Vista, Windows 7, and Windows Server 2008 R2.
If you have automatic updates enabled you should have the update now, if not, do a manual download and consider enabling Windows Update.
