WinXP and WinAmp Vulnerable to Malicious MP3s
mypenwry writes "Foundstone, a Mission Viejo, CA security
services company, is reporting several vulnerabilities that would allow malicious
code embedded in MP3 and WMA files to be executed via WinXP and WinAmp. WinAmp
versions 2.81 and 3.0 are vulnerable
to buffer overflows via certain long ID3v2 tags when MP3 files are loaded.
More troubling is the WinXP
vulnerability: A buffer overflow exists in Explorer's automatic reading
of MP3 or WMA (Windows Media Audio) file attributes in Windows XP. An attacker
could create a malicious MP3 or WMA file, that if placed in an accessed folder
on a Windows XP system, would compromise the system and allow for remote code
execution. The MP3 does not need to be played, it simply needs to be stored in
a folder that is browsed to, such as an MP3 download folder, the desktop, or a
NetBIOS share. This vulnerability is also exploitable via Internet Explorer by
loading a malicious web site. Explorer automatically reads file attributes regardless
of whether or not the user actually highlights, clicks on, reads, or opens the
file. Windows XP's Explorer will overflow if corrupted attributes exist within
the MP3 or WMA file. Microsoft
has issued a fix for this vulnerability. Nullsoft has posted fixed versions of WinAmp 2.81 and 3.0 on their web site."
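The summary above attributes both flaws to overflows triggered by long or corrupted tag attributes that a parser reads automatically. As an added example (not code from Foundstone, Nullsoft, Microsoft or the original post), the C below reads one ID3v2.3 text frame into a fixed buffer and validates every declared length before copying. `FIELD_MAX`, `id3_get_text` and `make_tag` are hypothetical names, and the sample tag is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 64 /* size of the caller's fixed buffer (assumed for this example) */

/* Copy the text of ID3v2.3 frame `id` into dst. Returns the text length,
 * -1 for a malformed tag, -2 for text too long for dst, -3 if absent. */
int id3_get_text(const uint8_t *buf, size_t len, const char *id, char dst[FIELD_MAX]) {
    if (len < 10 || memcmp(buf, "ID3", 3) != 0 || buf[3] != 3) return -1;
    if (buf[5] & 0xC0) return -1; /* unsynchronisation/extended header not handled */
    if ((buf[6] | buf[7] | buf[8] | buf[9]) & 0x80) return -1; /* size is synchsafe */
    size_t tag = ((size_t)buf[6] << 21) | ((size_t)buf[7] << 14) | ((size_t)buf[8] << 7) | buf[9];
    if (tag > len - 10) return -1; /* header claims more bytes than we hold */
    const uint8_t *p = buf + 10, *end = p + tag;
    while ((size_t)(end - p) >= 10 && p[0] != 0) { /* a zero byte starts padding */
        size_t fsize = ((size_t)p[4] << 24) | ((size_t)p[5] << 16) | ((size_t)p[6] << 8) | p[7];
        if (fsize > (size_t)(end - p) - 10) return -1; /* frame runs past the tag */
        if (memcmp(p, id, 4) == 0) {
            if (fsize < 1) return -1; /* text frames begin with an encoding byte */
            if (fsize - 1 >= FIELD_MAX) return -2; /* bound check before the copy */
            memcpy(dst, p + 11, fsize - 1);
            dst[fsize - 1] = '\0';
            return (int)(fsize - 1);
        }
        p += 10 + fsize;
    }
    return -3;
}

/* Build a constructed one-frame tag (sample input) holding n bytes of 'A'. */
size_t make_tag(uint8_t *out, const char *id, size_t n) {
    size_t fsize = n + 1, tag = 10 + fsize;
    memset(out, 0, 10 + tag);
    memcpy(out, "ID3\x03", 4);
    out[8] = (uint8_t)((tag >> 7) & 0x7F); out[9] = (uint8_t)(tag & 0x7F);
    memcpy(out + 10, id, 4);
    out[16] = (uint8_t)(fsize >> 8); out[17] = (uint8_t)fsize;
    memset(out + 21, 'A', n);
    return 10 + tag;
}

int main(void) {
    uint8_t file[1024]; char title[FIELD_MAX];
    printf("%d\n", id3_get_text(file, make_tag(file, "TIT2", 5), "TIT2", title));
    printf("%d\n", id3_get_text(file, make_tag(file, "TIT2", 500), "TIT2", title));
    return 0;
}
```

The three distinct error codes let a caller log an oversized frame (-2) separately from a structurally inconsistent tag (-1), which is the more useful signal when triaging suspicious files.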
This is all part of the Berman Bill.
psmylie's dictionary: Godzillion (noun) Any number large enough to destroy Tokyo
So, now when the users are afraid because of having virii in their mp3s, they are not stupid anymore?
Looks like listening to the newest Britney Spears album will result in more than just bad taste.
Mike
Something tells me that my daily virus scan is gonna take a lot longer now...
Oh wait... it's a Windows problem... never mind...
RickTheWizKid
My purpose: to inject random comments...
You guys are all supposed to be using Ogg anyways! That way you can act like you are a snooty audiophile anytime a MP3 story is posted...
Strange women lying in ponds distributing swords is no basis for a system of government.
because it's a feature !
Uh oh. I think they already infected my computer when I d/l:ed some christmas mu*?DZMV*Z@@@@+++ KNEEL BEFORE HILLARY ROSEN +++""!##""!1!!1.
NO CARRIER
Beware: In C++, your friends can see your privates!
Because it would cost a lot of money to design and implement, something Microsoft doesn't hav...
Oh, wait a minute...
Move along...nothing to see here.
How long until the story gets duped:
A) 15 minutes
B) 1 hour
C) 2 hours
D) 6 hours
E) 1 day
"Where do you want to buffer overflow today?"
If the RIAA use these tactics the solution is simple...
Wait a few months until the RIAA's trojanized files are well and truly spread throughout the P2P networks...
then use the thousands of trojanized nodes to DDOS the RIAA
*chuckle*
There's a running joke where I work that it is not officially Thursday until the Microsoft exploit of the week is released (of late this seems to happen on Thursday).
So, why not make it official - I propose
Operation: So Happy It's Thursday
What I recommend is that everybody who finds an exploit in Windows release it on Thursday.
NOTE: be fair - a bug in a Windows APP that is not a part of Windows doesn't count - so the bug in Winamp doesn't count, but the bug in the Windows shell does.
www.eFax.com are spammers
It's good that I have linux since it **never** has buffer overflows. Nor does any other open source software.
this is not a sig
Snooty audiophiles won't like FLAC, either.
A snooty audiophile sneers at any form of digitization - "You aren't getting all of the music - Yes, I know you are sampling at 1GHz, 64 bits per sample, but you aren't getting all the music! Only analog gets all the music! I don't care that what you are missing wouldn't amount to the width of a hydrogen atom on my beloved LP - YOU AREN'T GETTING ALL THE MUSIC"
That's what a snooty audiophile would say.
www.eFax.com are spammers
20 Print "Bill Gates laughs as he rolls about with his concubines!"
30 Print "Prepare for judgement!"
40 Input "Press any key";A$
50 If A$="AnyKey" Then fucksomeshitup;
60 W00t: Poke InChest;
70 Run "BSOD.exe -Playfile BritneySpears,HitMeOneMoreTime"
80 Print "This is what it sounds like when doves cry! Bwahaha!"
90 Goto 10
You should be able to find this on SourceForge too.
but I really could have done without the mental image you just gave me! Worse than goatse. ugh.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
All file formats are safe, it's just the programs that read them.
The correct phrasing of that is: File formats don't kill programs. Programs kill programs.
So close and yet so far from the world's perfect ID number
The RIAA would rather not have computers exist, because that allows for trading of their precious songs. So by creating a virus that spreads through mp3 they're effectively cutting out a large amount of the piracy.
:-)
What's next for the RIAA? A virus on music CD's that is executed when played in computers. Obviously, allowing a CD to be played in a computer is the first step to it being pirated. Instead they'll allow it to play only in DRM CD players that will play 20 hours of music per license bought (each license will cost $20).
Please don't mod me down, I'm not trying to be flamebait, I'm being sarcastic
Cyde Weys Musings - Scrutinizing the inscrutable
(I really wish they'd inform users WHY submissions were rejected; even if only a one-word description, like "duplicate", "absurd", "false", "flamebait", etc.)
What gives you the idea that they would reject a story for any of those reasons? That sounds like a description of the front page to me.
How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
Doing a search in Kazaa I found a strange file called "!!Download me if you like REM!1Kewl new band.mp3". It came out to be a completely malicious mp3.. Its ID3 tag said something like NSYNC... yulk!
__
Sig: Marine Stock Photos
Ah, you're new here. Here at Slashdot, every tiny thing is something to pontificate about, and every tiny problem is a major conspiracy/security hole in which The Man can exploit you/invade your privacy. "No big deal" isn't a very common phrase here.
XP is vulnerable to MP3's? I don't know if I should be in awe or laugh my head off.
I make these: http://beatseqr.com
That is why audiophiles use "oxygen-free copper wires with authentic virgin yak wool insulation, cryogenically treated to release signal-distorting sub-micron strain! A steal at $300/ft! Act now, and we will throw in our patented Feng Shui turntable stones - five of these will disgronificate your turntable! Normally $150 each, but a steal at $800 for a set!"
Bah, $300/ft? Are you kidding?
From Purist Audio Design:
-------
Dominus Speaker Cables (1.5 Meter)
Stereo pair of Speaker cables with fluid jacket. For more information on product, see the Product Page. Item weight per pair is 14.0 lbs.
Price each: $10,460.00
-------
So, that's about $2500/ft.
Bwhaahaahahahaha!! /me wipes eyes.
And for the record, I am not an "audiophile". I'm an audio and broadcasting engineer.
-T