Real to offer fix for RealPlayer security flaw

Written by James Delahunty @ 20 Oct 2007 6:16 User comments (2)

RealNetworks Inc. has announced that a fix will be made available for a critical unpatched vulnerability in the RealPlayer software. Symantec Corp. researchers discovered yesterday that the vulnerability was already being exploited by malware authors. "Real has created a patch for RealPlayer 10.5 and RealPlayer 11 that addresses the vulnerability identified by Symantec," wrote RealNetworks General Manager of Product Development Russ Ryan, in a Friday blog posting.

He added: "Real will make this patch available to users via this blog and our security update page later today." He said that users of RealOne Player, RealOne Player v2, and RealPlayer 10 should upgrade to the 10.5 version or the RealPlayer 11 beta code and install the patch. The attack exploits a flaw in an ActiveX browser helper object, affecting only Internet Explorer users running Windows.

"The exploit itself is embedded in advertisements that were being served by 247realmedia.com," Symantec said in a note on its DeepSight threat management system. "The redirection to the exploit page... was accomplished through an iFrame embedded in each advertisement."

Source:
Yahoo (PC World)

<Cyberlink PowerDVD certified for playback of BD-RE 3.0 format >Update: IFPI and Pirate Bay to do battle over domain name

2 user comments

124.10.2007 02:53

borhan9

Send private message to this user

AfterDawn Addict

I prefer the real player alternatve because its smaller and easier to use and does not have ad support.

225.10.2007 14:05

MattSpra

Send private message to this user

Newbie

RealNetworks has issued a patch for this vulnerability that users can download here -
http://service.real.com/realplayer/security/191007_player/en/

For more information about these patches and how the new RealPlayer has been improved, please visit the RealPlayer blog at www.realplayer.com/blog/

Matt Spragins
Real Networks

This message has been edited since its posting. Latest edit was made on 25 Oct 2007 @ 8:27

Comments have been disabled for this article.

	VLC hits milestone: over 5 billion downloads (16 Mar 2024 4:31) VLC Media Player, the versatile video-software powerhouse, has achieved a remarkable feat: it has been downloaded over 5 billion times. 2 user comments
	Sideloading apps to Android gets easier, as Google settles its lawsuit (19 Dec 2023 11:09) Google settled its lawsuit in September 2023, and one of the settlement terms was that the way applications are installed on Android from outside the Google Play Store must become simpler. In the future, installing APK files will be easier. 8 user comments
	Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets (06 Jun 2023 9:19) Roomba Combo j7+ is the very first Roomba model to combine robot vacuum with mopping features. And Roomba Combo j7+ does all that with a very clever trick, which tackles the problem with mopping and carpets. But is it any good? We found out.
	Neato, the robot vacuum company, ends its operations (02 May 2023 3:38) Neato Robotics has ceased its operations. American robot vacuum pioneer founded in 2005 has finally called it quits and company will cease its operations and sales. Only a skeleton crew will remain who will keep the servers running until 2028. 5 user comments
	How to Send Messages to Yourself on WhatsApp (20 Mar 2023 1:25) The world's most popular messaging platform, Meta-owned WhatsApp has enabled sending messages to yourself. While at first, this might seem like an odd feature, it can be very useful in a lot of situations. .... 18 user comments

	HOWTO: Boot Android device into Safe Mode Are you having trouble with your Android device? If you find that your device has become sluggish, is freezing, takes too long to boot or any of a host of other performance concerns, you may want to boot into Safe Mode.
	Windows 11: Check if TPM is enabled on your computer In this short guide we will look at how you can check the status of Trusted Platform Module (TPM) on your PC ahead of the coming launch of Windows 11.
	GUIDE: Wi-Fi speeds are slow? Here are some tips Having problems with Wi-Fi speed and stability at home? Here are some tips to follow to alleviate the issues. 1 user comment
	What IP rating for dust and water resistance means An IP classification (such as IP68) is given to mobile phones, Bluetooth speakers, and other devices, but what do these classifications mean? 1 user comment
	Guide: Is Your Wi-Fi Sluggish or Slow? Here's How to Fix Do you have problems with you Wi-Fi? Slow connection or is it cutting off constantly? This guide aims to remedy these problems. 1 user comment

Real to offer fix for RealPlayer security flaw

2 user comments

Latest news

Reviews

Guides

News archive

Subscribe

Sections:

Follow us:

	Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets Roomba Combo j7+ is the very first Roomba model to combine robot vacuum with mopping features. And Roomba Combo j7+ does all that with a very clever trick, which tackles the problem with mopping and carpets. But is it any good? We found out.
	Review: Samsung Jet Bot 90 AI+ - a high-end robot vacuum cleaner Samsung's Jet Bot 90 AI+ is a top-class robot vacuum cleaner that can avoid obstacles and empty its own dust container. Here we review the product. 1 user comment
	Samsung Jet Bot 80+ review - excellent robot vacuum cleaner We review Samsung's Jet Bot 80+ robot vacuum cleaner over a period of three months. 1 user comment