|
Peer to Peer The 3rd millenium technology! |
|
Thread Tools | Search this Thread | Display Modes |
07-02-04, 08:18 PM | #1 |
Join Date: May 2001
Location: New England
Posts: 10,024
|
Real Player Struck By Massive Security Hole
System Access Just One Song Away
Kieren McCarthy Media player Real Player - one of the most used pieces of software on the Internet - has been struck by several highly critical vulnerabilities that could allow a malicious user system access to your PC. Jouko Pynnönen and Mark Litchfield of NGSSoftware have discovered that by creating altered media and Real Media files (with the filenames .rp, .rt, .ram, .rpm and .smil) it is possible to cause a buffer overflow and run code on the user’s PC. All the user would have to do is click on the link and the file’s author would be able to run whatever program they liked on the host PC. This is not good. Thankfully, the discoverers informed Real and kept schtum until the company had produced a patch, which was made available today. The issue affects virtually all the company’s players including RealPlayer 8, RealPlayer 10, RealOne Player v1, RealOne Player v2 and RealOne Enterprise Desktop. It is strongly advised, therefore, that anyone with a Real Player click on the Tools menu and “Check for Update” to download the necessary patches. The problem though - as ever - is how many people will, how long it will take them and how much trouble can be created in the meantime. A huge percentage of Real users make sure that automatic updating is turned off due to the company's constant efforts to get them to upgrade to a pay-for version of the player. Even if the update check is run, the 9MB update to fix the vulnerabilities is not very clearly flagged and doesn't appear to be very important. Real, it seems, still has much to learn about how to deal with security holes. For more info visit Real’s site here, or NGSSoftware’s page on the problem here. http://www.techworld.com/news/index....ews&NewsID=986 |
07-02-04, 09:27 PM | #2 | |
Just Looking Around
Join Date: Jan 2002
Location: Right here!!!
Posts: 341
|
If it wasn't for some websites forcing you to use Realplayer for streaming video would anyone even use this garbage
Quote:
__________________
"What country can preserve its liberties if their rulers are not warned from time to time that their people preserve the spirit of resistance. Let them take arms." - Thomas Jefferson |
|
07-02-04, 11:00 PM | #3 |
fish tacos ftw
Join Date: May 2000
Posts: 2,809
|
Buffering............................
|
08-02-04, 12:43 AM | #4 |
Join Date: Mar 2000
Posts: 2,160
|
Last edited by zombywoof : 11-02-04 at 08:40 AM. |
08-02-04, 05:24 AM | #5 | |
Dawn's private genie
Join Date: May 2001
Location: the Canadian wasteland
Posts: 4,461
|
Quote:
Unfortunately many streams don't work with the Real Alternative. You could download them but sometimes webmasters play hide and seek with their content and it becomes difficult. |
|
08-02-04, 08:14 AM | #6 |
Join Date: Mar 2000
Posts: 2,160
|
Last edited by zombywoof : 11-02-04 at 08:42 AM. |
08-02-04, 08:54 PM | #7 |
my name is Ranking Fullstop
Join Date: Dec 2001
Location: Promontorium Tremendum
Posts: 4,391
|
i hate #&*% Real Player
i have to use it to load my Rio mp3 player...what should be just a simple drag-and-drop operation is a bloated, tedious, time consuming process via Real Player. |
08-02-04, 10:42 PM | #8 |
Join Date: Mar 2000
Posts: 2,160
|
Last edited by zombywoof : 11-02-04 at 08:39 AM. |
09-02-04, 12:22 AM | #9 |
Earthbound misfit
Join Date: May 2001
Location: Moses Lake, Washington
Posts: 2,563
|
Fortunatly RealOne crashes every time I try to play a stream on my computer, so I have no temptations to use it anymore.
|
Thread Tools | Search this Thread |
Display Modes | |
|
|