Winamp Skin Exploit in the Wild
An anonymous reader writes "Secunia.com has announced an exploit (derived from xml escaping the Internet zone into IE's local zone) that exploits Winamp's habit of automatically installing skins. Currently all versions of Winamp are affected. Details on the Winamp forums - apparently an exploit is already in the wild, and spreading."
who unchecks every option in any program I install that begins with "Automatically [check for/download] and install ..."?
I browse Slashdot at +3, Funny
Program skins with "browser tags" and "embedded xml"? sheesh, what next, word processor documents that have executable code inside?
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
Now that people have started to use firewalls, and the risk of worms and rootkits that infect through open, exploitable holes grows smaller, it is time to expect more and more exploits to follow alternative vectors.
Note how many buffer-overflow exploits there have been in server daemons. Well, there is no reason to believe that servers are any worse written with regard to input than client applications - quite the contrary actually.
People think they are safe with a firewall. But I'm willing to bet there are undiscovered exploits in just about every application they run. WinZip? WinAMP? Acrobat Reader? Media player? Anything that handles files received over the Internet is potentially a vector for viruses and possibly worms.
This time it was bad escaping, which made the exploit trivial, but there a buffer overflow would have served just as well. Neither firewalls nor anti-virus software will protect you.
For what possible purpose does a skin -- which is essentially nothing more than graphical elements -- need to invoke the browser?
WTF? Seriously, help me out here. I've only been a programmer for 25 years, so I may not understand the deeply compelling reasons driving such a design decision.
Schwab
Editor, A1-AAA AmeriCaptions