WinAmp Security Hole Discovered, Patched

Sbarbero writes "According to Techworld.com, a significant security hole has been discovered in NullSoft's WinAmp, meaning everyone should upgrade to the 5.03 version the makers have just put out right now. Security company NGS has found that the exploit 'can be activated remotely simply by rendering a specially crafted html document' and will run arbitrary code - they have a full advisory on their site." Oddly enough, the vulnerability is in the playback for the classic .XM 'tracker' music format.

Re:If you wanted to be secure

[Shakrai]

You'd go with Microsoft Windows Media Player 9 in the first place. Those downloading free software get every penny's worth.

I don't know why I'm replying to your flamebait but the last time I checked WMP didn't cost anything either.

Re:wrong.

[mikael_j]

* 1.5 GHz Pentium IV or comparable

This one is probably just to cover their backs in case some dumbass decides to sue them for WinAmp not running properly on his 286SX..

* 128MB RAM

A bit steep, but once again I'm guessing it will run on less but that they think it's better to cover their backs.

* 30MB Hard Disk Space

This isn't much to complain about in the age of several hundred meg word processors.

* 32bit Sound Card

I suppose that in theory you could use drivers for your 16bit sound card that make it seem like a 32bit card to WinAmp.. But who doesn't have a 32bit sound card?

* Windows 2000, Windows XP

Ok, what are you running? Windows 95?

* 8x speed or greater CD Burner (Required for Burning) * 16x speed or greater CDROM (Required for Ripping)

Well obviously it's possible to do burning and ripping with slower drives, but for Joe Q Sixpack this would be too slow and probably make him go online and bitch about how the software sucks, so let's cover our backs again..

/Mikael