Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42870
  • Total Topics: 16079
  • Online Today: 3869
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Author Topic: Critical Flaw in RealPlayer, Firefox Fixes  (Read 2468 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Critical Flaw in RealPlayer, Firefox Fixes
« on: 06. February 2009., 22:31:39 »


A serious flaw in the RealPlayer media player from RealNetworks could allow an attacker to take control of a victim PC if you open a poisoned movie file, or even just preview it in Windows Explorer, according to a new notice from Fortinet.

The hole in RealPlayer 11 involves the way the program processes Internet Video Recording, or IVR, files. And according to the notice, you wouldn't have to actually open a downloaded, malicious movie to get hit: "A successful attack could take place by merely previewing the IVR file through Windows Explorer."

No word on real-world attacks, thankfully, but there's also no mention of an available patch from RealNetworks. So you can either be extra careful with movie file downloads or uninstall RealPlayer until there's a fix. I'll update this post if I hear back from RealNetworks about any available patch or workaround.

Also, if you use Firefox, be sure you've picked up the 3.0.6 update released earlier this week. Along with stability fixes, the update closes six security holes, one of which could allow an attacker to remotely install malicious software. Click Help | Check for Updates to make sure you've got the fix.

(PC World)

Samker's Computer Forum - SCforum.info

Critical Flaw in RealPlayer, Firefox Fixes
« on: 06. February 2009., 22:31:39 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising