First off, I am *not* a Microsoft fan, nor an apologist. I will however, explain a bit on this.
Coming to the point... Is there any way to write a program that will spot wma files that have been named as mp3 files, and rename / delete / isolate them into a special folder? I don't know much about the file format, or even how you would find out what the file format is.

It may be a function of an media player such as Windows Media Player to open a file regardless of extension and divine what it is, then play it appropriately. So I understand your concern. What I would recommend doing here is changing to a different media player, such as WinAmp, where an mp3 is still an mp3. There also are/were similar Windows problems with email, where mime type can or will be ignored in favor of the file extension (or vice versa), allowing seemingly non-executable payloads to be dangerous and/or automatically loaded.

You do need to be aware of how Windows treats file extensions though, for instance if your folder views are set to not show file extensions, you might see a file named "PlayMe.mp3.exe" show up as "PlayMe.mp3" -- this would be a disasterous problem.

All of these problems are examples of why Windows is an unsecure operating system by nature, lack of file permissions and having data files essentially executable, using extensions as a form of automatic association, and giving too much power to media player are all scary consequences of continuing to use Microsoft Windows.

I'm almost pretty positive that wma / wmv files can run little programs on your computer that do things like open web browsers.

I am very skeptical of this, although the Windows Media Player license has a clause saying they can, at any time, update any part of your operating system without your consent. Very scary, so we don't know exactly what works with any hidden undocumented extensions. I'd be much more scared of the 'abc.mp3.exe' problem though -- that is a real concern.

I also recall there was recently a buffer overflow exploit in the Quicktime implementation of the mp3 decoding (ID3 tags) -- that would allow mp3's to carry an executable payload. Just goes to show you, you are never really safe with an OS that runs it's GUI in kernel space, and if you are running a secure OS, don't run as root!

As to the Perl nature of your question, I'd attack this in a low level sort of way, could you try to read the ID3 tag using a Perl module and see if that fails? Still, I don't think you really need to do this. This is just one of many security problems in Windows, and I have not yet seen any exploit using WMA's to launch arbitrary code -- and if you switch media players, you'll be much safer. Not as safer as running Linux, but safer.

In reply to Re: WMA / WMV files by flyingmoose
in thread WMA / WMV files by David Caughell

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.