Slashdot Mirror

← Back to Stories (view on slashdot.org)

RealPlayer Zero-Day Flaw Under Attack

Posted by Zonk on from the my-kingdom-for-a-patch dept.

openOption writes "ZDNet is reporting that hackers are actively exploiting a zero-day hole in RealNetworks' RealPlayer media player, a software program installed on tens of millions of Windows computers worldwide. The in-the-wild attacks targets a previously unknown and unpatched ActiveX vulnerability in the way RealPlayer interacts with Microsoft's Internet Explorer browser. The flaw is causing drive-by malware downloads when an IE user simply browsers to a maliciously rigged Web page."

7 of 150 comments (clear)

  1. Installed by millions... by Anonymous Coward · · Score: 5, Funny

    Used by no one... until now.

  2. SOFTWARE PROGRAM!!!11111```oneone by Anonymous Coward · · Score: 5, Funny


    a software program

    I like software programs. They run well on my computer PC and look nice on my display monitor. My computer PC works well, all the way from the electric power cable to the Ethernet network card, the hard disk hard drive, and my wireless keyboard keyboard and mouse mouse.

    (What are synonyms for keyboard and mouse?)

  3. Experts Quickly Noted However.... by rel4x · · Score: 5, Funny

    ...that the viruses using this attack were still easier to uninstall than RealPlayer itself.

    --

    Before you mod me funny, think, perhaps I was insightfully funny?
    1. Re:Experts Quickly Noted However.... by Fx.Dr · · Score: 5, Funny

      Upon attempting to exploit the flaw, the virus was promptly greeted with ...BUFFERING... ...BUFFERING...

  4. WARNING MS SHILL by Anonymous Coward · · Score: 5, Funny

    Nobody uses Vista because Vista's not compatible with Windows.

  5. I suppose, it's a buffering ... by Anonymous Coward · · Score: 5, Funny

    overflow exploit, right?

  6. Re:Real Alternative by suv4x4 · · Score: 5, Informative

    http://www.free-codecs.com/download/Real_Alternative.htm [free-codecs.com]
    Now I just have to worry about unpatched holes in Windows Media Player!

    Actually "Real Alternative" and "QuickTime Alternative" uses ripped off binary libraries straight off the official apps. It's quite likely you're vulnerable as well.