Windows Media Center “ehshell.exe” is vulnerable to an XML External Entity attack allowing remote access to any files on a victim’s computer, if they open an XXE laden “.mcl” file via a remote share / USB or from a malicious “windowsmediacenterweb” web link.