WinAmp Security Hole Discovered, Patched
Sbarbero writes "According to Techworld.com, a significant security hole has been discovered in NullSoft's WinAmp, meaning everyone should upgrade to the 5.03 version the makers have just put out right now. Security company NGS has found that the exploit 'can be activated remotely simply by rendering a specially crafted html document' and will run arbitrary code - they have a full advisory on their site." Oddly enough, the vulnerability is in the playback for the classic .XM 'tracker' music format.
Guess this means I need to mass e-mail friends and family still using Kazaa and Kazaa-like tools for filesharing. I know that newer versions of Kazaa come with some sort of file scanning tool, anyone know if that picks this sort of stuff up? (or will after the definitions are updated)
-Adam C. Greenfield