Three Vulnerabilities Discovered in Real Player

prostoalex writes "British Next-Generation Security Software discovered three vulnerabilities in popular Real Player. A malicious attacker can execute arbitrary code by offering corrupted RealAudio stream. Real Networks posted the instructions on dealing with security flaws."

Helix?

[ewhac]

So, where can I download a Windows binary of the Open Source Helix player?

Schwab

Re:Linux

[Citizen+Gold]

I take it you don't know _anyone_ that uses linux then?

Just in case you were thinking about a free trial

[Evets]

I signed up for the real player plus free trial - hoping that the popups and other buy-this-too spamming tactics would end if I forked over a monthly fee.

1) The pop-ups didn't stop. In fact, they increased.
2) Trying to cancel the free trial involves not only going to a web site to cancel, but after you do that you have to call and cancel.
3) To add insult to injury, it takes at least 60 minutes on the phone to cancel your free trial.
4) There is no option on the number they have you dial to cancel your account.
5) If you do manage to successfully navigate their phone menu system, the guy you end up getting on the phone doesn't cancel your account until you listen to him hard sell you and harrass you about cancelling.

I actually would like to have realplayer installed on my machine to take advantage of the occasional cnn or espn clip that is only available on real player, but the fact that they send you endless amounts of spam on top of putting popups all over your desktop to buy their products really makes me avoid this application on principal. I know that there are ways to configure things to reduce these problems, but quite frankly, you can't stop them completely without going through a great amount of effort.