Slashdot Mirror

← Back to Stories (view on slashdot.org)

RealPlayer Zero-Day Flaw Under Attack

Posted by Zonk on from the my-kingdom-for-a-patch dept.

openOption writes "ZDNet is reporting that hackers are actively exploiting a zero-day hole in RealNetworks' RealPlayer media player, a software program installed on tens of millions of Windows computers worldwide. The in-the-wild attacks targets a previously unknown and unpatched ActiveX vulnerability in the way RealPlayer interacts with Microsoft's Internet Explorer browser. The flaw is causing drive-by malware downloads when an IE user simply browsers to a maliciously rigged Web page."

30 of 150 comments (clear)

  1. Installed by millions... by Anonymous Coward · · Score: 5, Funny

    Used by no one... until now.

    1. Re:Installed by millions... by VagaStorm · · Score: 3, Informative
      From Wikipedia:

      A zero-day (or zero-hour) attack is a computer threat that exposes undisclosed or unpatched computer application vulnerabilities. Zero-day attacks take advantage of computer security holes for which no solution is currently available.
      --
      www.aleo.no
    2. Re:Installed by millions... by Sillygates · · Score: 2, Insightful

      This wouldn't be a problem if companies like Dell(?) didn't preinstall RealPlayer on computers.

      --
      I fear the Y2038 bug
  2. Good thing I don't use Real by Anonymous Coward · · Score: 2, Funny

    Greased up Yoda doll
    Puckered anus
    GO LINUX!

  3. SOFTWARE PROGRAM!!!11111```oneone by Anonymous Coward · · Score: 5, Funny


    a software program

    I like software programs. They run well on my computer PC and look nice on my display monitor. My computer PC works well, all the way from the electric power cable to the Ethernet network card, the hard disk hard drive, and my wireless keyboard keyboard and mouse mouse.

    (What are synonyms for keyboard and mouse?)

    1. Re:SOFTWARE PROGRAM!!!11111```oneone by lenroc · · Score: 2, Insightful

      "Alphanumeric keyboard" and "computer mouse"?

      Looks like someone confused verbosity with redundancy

  4. Whew! by dedazo · · Score: 3, Interesting

    God, I'm so glad I bought a computer with Windows XPN, which thanks to the wisdom of the European Union and RealNetworks' claims of unfair competition against their cuasi-malware player, does not include Windows Media Player! Yes, instead the OEM installed... oh, wait. They installed RealPlayer. Holy sh #$!@&*^} NO CARRIER

    --
    Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
  5. Hackers are the least of their troubles... by Ecuador · · Score: 2, Funny

    I don't want to be a troll, but people who install Real Player are asking for trouble.
    Wow, I just had a scary thought I managed to block just in time before passing out: Real Player. On Vista.

    --
    Violence is the last refuge of the incompetent. Polar Scope Align for iOS
    1. Re:Hackers are the least of their troubles... by Dishevel · · Score: 4, Funny

      I love Real Player. Its icon is pretty and when I click on some things on the internet it works sometimes for me. If it dose not work I just figure that the people putting that bad stuff on the internet must not know what a wonderful company Microsoft is for people like me. Now if you will excuse me I need to click on something real fast so AOL doe not disconnect me again. All I need is MS programs that I can use while online with AOL with my wonderful CABLE COMPANY connection to the internet.

      --
      Why is it so hard to only have politicians for a few years, then have them go away?
    2. Re:Hackers are the least of their troubles... by Angostura · · Score: 3, Interesting

      I can't speak about the windows version, but the OS X implementation of the free player is actually very nice to use indeed: fast and lightweight. It's the format I choose for listening to and watching BBC streaming feeds.

    3. Re:Hackers are the least of their troubles... by egypt_jimbob · · Score: 3, Informative

      Seems simple, just assign the browser ring 3 security. Oh wait, its Windows (and the user is Administrator with no password). A spammer can still send spam from ring 3. A botnet herder can still run a bot from ring 3. A phisher can still change proxy settings from ring 3.
      Ring 0 only adds stealth to attacks that work just fine from ring 3.
      --
      I am a leaf on the wind. Watch how I soar.
  6. Not in Vista by El+Lobo · · Score: 4, Informative

    The vulnerability doesn't affect IE in protected (sandboxed, default) mode on Vista, of course.

    --
    It's time to realise that Abble's products are the biggest abomination these days. Just say NO to the dumb iAbble way!!
  7. Experts Quickly Noted However.... by rel4x · · Score: 5, Funny

    ...that the viruses using this attack were still easier to uninstall than RealPlayer itself.

    --

    Before you mod me funny, think, perhaps I was insightfully funny?
    1. Re:Experts Quickly Noted However.... by Fx.Dr · · Score: 5, Funny

      Upon attempting to exploit the flaw, the virus was promptly greeted with ...BUFFERING... ...BUFFERING...

  8. Video press release by operagost · · Score: 4, Funny

    Real has posted a video press release on this. I would like to tell you more, but it's still buffering. Maybe they should use Media Player for their press releases.

    --

    Gamingmuseum.com: Give your 3D accelerator a rest.
  9. I wouldn't worry... by Deacon_Yermouf · · Score: 2, Funny

    It's going to take a while for the virus to stop buffering....

  10. Real Alternative by gravis777 · · Score: 3, Informative

    http://www.free-codecs.com/download/Real_Alternative.htm

    Now I just have to worry about unpatched holes in Windows Media Player!

    Truthfully, I already have one bloated Media Player that is part of the OS on my machine, why would I want to install another?

    BTW:
    http://www.free-codecs.com/download/QuickTime_Alternative.htm
    To take care of that OTHER bloated media player

    1. Re:Real Alternative by suv4x4 · · Score: 5, Informative

      http://www.free-codecs.com/download/Real_Alternative.htm [free-codecs.com]
      Now I just have to worry about unpatched holes in Windows Media Player!

      Actually "Real Alternative" and "QuickTime Alternative" uses ripped off binary libraries straight off the official apps. It's quite likely you're vulnerable as well.

  11. Get with it by Skiron · · Score: 2, Funny

    New marketing name -> RealTrojans (or viruses/worms, whatever). Sales are UP!

  12. WARNING MS SHILL by Anonymous Coward · · Score: 5, Funny

    Nobody uses Vista because Vista's not compatible with Windows.

  13. Worried? Nah by jdjbuffalo · · Score: 2, Funny

    All 5 people who still have Real Player installed are in for a world of hurt...

    --
    We have four boxes with which to defend our freedom: the soap box, the ballot box, the jury box, and the cartridge box.
  14. Re:This just in: ActiveX STILL a bad idea... by Anonymous Coward · · Score: 2, Interesting

    This vulnerability has nothing to do with ActiveX. ActiveX is just one method of hosting a plugin. Any method of hosting a plugin would be exactly as vulnerable. Anytime a browser accepts data from an outside source and passes it onto a library to handle that is a possible point of attack. There have been plenty of vulnerabilities found in non-ActiveX plugins for Internet Explorer and other browsers. There have been vulnerabilities found in the very libraries used by the browsers to display common content like images.

    This is why the Vista approach is the correct approach: sandbox the browser. The process should be locked down so tight that when a vulnerability is inevitably discovered that the damage it can cause is mitigated. Every OS and every browser needs to incorporate these mechanisms by default.

  15. browser, -noun, a person or thing that browses by piratesyarr · · Score: 2, Funny

    The flaw is causing drive-by malware downloads when an IE user simply browsers to a maliciously rigged Web page.

    I like the use of the word browser as a verb.
    Also, drive-by malware downloads? This hood is no longer safe, yo!

    --
    Small though it is, the human brain can be quite effective when used properly.
  16. I suppose, it's a buffering ... by Anonymous Coward · · Score: 5, Funny

    overflow exploit, right?

  17. real player still part of google pack (beta)? by sillyphisher1 · · Score: 2, Informative

    Last time I saw real player was when I installed google pack on a windows machine years ago. I love picasa and google earth, and at the time a few of the other packages seemed like nice things to get all in 1 install. Real player was the deal killer- I never could figure out what good it was. It seems like it spent more of my time and CPU cycles trying to sell me on an upgrade than doing anything useful. What was/is google thinking on that one?

  18. Oh, relax.... by Foerstner · · Score: 4, Funny

    You seem to be inexplicably tense. Perhaps you should relax for a while and watch a television program.

    Or go to the theater, and watch a play. If you have any trouble understanding it, you might find more in the program they give you. Hold on to it, they're collectible.

    Whatever you do, though, don't rely on alcohol to relieve your anxiety. If you become dependant on it, you may need a twelve-step program to get yourself back on track.

    --
    The US free market: two halves of a government-granted duopoly are free to set the market price.
    1. Re:Oh, relax.... by Oktober+Sunset · · Score: 2, Insightful

      All those use of 'program' are incorrect, they should all have been 'programme'.

      You fail at both language and making a point.

      --
      What if Tetris was invented by Nazis?
    2. Re:Oh, relax.... by Antique+Geekmeister · · Score: 2, Interesting

      No, he failed at being British. In the US, it's spelled "program".

  19. Re:"Browsers to a maliciously rigged Web page" by Actually,+I+do+RTFA · · Score: 2, Funny

    Come on, I love verbing words.

    --
    Your ad here. Ask me how!
  20. MIT open courseware & Realplayer by Ethanol-fueled · · Score: 2, Informative

    The evil Realplayer is still required for some MIT open courseware. They should convert those files ASAP.