Microsoft Windows Media Services nskey.dll ActiveX BOF Vulnerability

Summary
This host is installed with Windows Media Services and is prone to Buffer Overflow vulnerability.
Impact
Successful exploitation could allow execution of arbitrary code, and cause the victim's browser to crash. Impact Level: Application
Solution
Vendor has released a patch to fix this issue. Windows Media Services customers should contact the vendor for support for upgrade or patch. http://www.microsoft.com/windows/windowsmedia/forpros/server/server.aspx Workaround: Set a kill bit for the CLSID {2646205B-878C-11D1-B07C-0000C040BCDB}
Insight
The flaw is due to an error in CallHTMLHelp method in nskey.dll file, which fails to perform adequate boundary checks on user-supplied input.
Affected
Microsoft Windows Media Services on Windows NT/2000 Server.
References