Microsoft came forward yesterday and denounced the report about a vulnerability apparently discovered by some in Windows Media Player, that could allow remote code execution. The report were first posted by researcher Laurent Gaffi.

The company explained through a blog post that the report received was verified and investigated and the conclusion reached was that all the details presented were false. According to the statement, released on its Security Vulnerability Research & Defense blog, the flaw is only a "reliability issue with no security risk to customers."

"We've found no possibility for code execution in this issue," stated Christopher Budd, a spokesman for the Microsoft Security Response Center, in the blog post. Mr. Budd acknowledged the fact that Gaffi's sample exploit crashes Windows Media Player, but explained that the restart of the program can be completed without affecting the rest of the system.

The report surfaced on the Web last week and claimed that a serious vulnerability was identified in Windows Media Player 9, 10 and 11. There were also other details provided, letting users know that the flaw could allow a hacker to create a malformed WAV, SND or MIDI file to compromise a computer running on Windows Vista or Windows XP. Gaffi also included a proof-of-concept attack code that he claimed would allow remote code execution.

The company concluded by announcing that the flaw had already been identified during a  routine code maintenance and corrected in Windows Server 2003 Service Pack 2.