Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spyware Tunnels in on Winamp Flaw

Posted by Hemos on from the hey-now-get-your-upgrade-on dept.

Andy Philips writes "A security bug in Winamp is being exploited by miscreants to install spyware on machines running the media player software. "After surfing to a malicious Web site on our test machines, the file 'x.pls' begins to download, Almost immediately, Winamp starts to execute the play list and remote code execution begins." Sunbelt's Adam Thomas wrote in a posting. The Winamp problem affects version 5.12 of the media player. Earlier versions may also be affected."

2 of 176 comments (clear)

  1. Winamp by certel · · Score: 1, Flamebait

    Winamp is now just bloatware. With all the features added to the software, the stability dropped like a rock. I was an avid user until I purchased an iPod and have been using iTunes ever since.

    --
    [%] Cingular Ringtones
  2. Workaround is meaningless by Anonymous Coward · · Score: 0, Flamebait

    What kind of lameness is that? This story isn't about the impact on compusavvy tinkering mechanics... its about the impact on the other millions of people who run Windows and don't know shit.

    Your work around sucks, anyway. If you tell the browser to download the .pls file... and then click to play it... and your WinAmp once again goes to work, then you're fucked. But I guess that shows you are one of the millions of people who...