WinAmp Security Hole Discovered, Patched
Sbarbero writes "According to Techworld.com, a significant security hole has been discovered in NullSoft's WinAmp, meaning everyone should upgrade to the 5.03 version the makers have just put out right now. Security company NGS has found that the exploit 'can be activated remotely simply by rendering a specially crafted html document' and will run arbitrary code - they have a full advisory on their site." Oddly enough, the vulnerability is in the playback for the classic .XM 'tracker' music format.
Hi from Napster! We've been tracking your listening habits and suggest the following music...Barry Manilow, Air Supply, Leo Sayer. If you act now and buy, we won't tell your friends or neighbors.
A feeling of having made the same mistake before: Deja Foobar
I am so tired of waiting.
bloated POS Winamp 5 player
You know your media player is too big when all the eye candy slows your older computers to the point they can't play mp3's without choking.
Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
I'm sure the millions of people who use Winamp as their main browser will not like this at all.
And since winamp uses IE for web page rendering people are used to so high standards for security.
bummer.
" it's widely used, but mostly in game software or by Amiga fetishists."
THANK GOD that winamp is still compatable with the amiga!
I doesn't matter if its the browser being used. But to answer your question , I never used the browser until they started adding streaming video to their library...now 'certain' channels bring up the browser every 60 seconds or so. But I can usually put up with it for the 5-6 minutes that I need.
I'm a writer, a poet, a genius, I know it. I don't buy software, I grow it.
Crap like this is why you should never use third party software like Winamp. Stick with Microsofts line of quality products and you'll be safe.
Seriously, just look at the time it took to fix this bug. I could almost read the entire headline before the fix. The bug took as long to fix as to read the comma between "Discovered" and "Patched". I expect better from Third Party software.
Until Third Party software is able to show they care about their products I can only recommend that you stick with 100% Microsoft Approved Solutions.
I don't need no stinkin' sig!
Be sure to buy a computer that wasn't manufactured in fucking 1956 Soviet Russia, asshole.
Does this also affect my current version of XMMS?!
Oh wait, wrong OS. Never mind.