On Monday, we told you about a serious 3ivx codec flaw, which could be exploited by hackers to take complete control of an affected system. Proof-of-concept code was spotted affecting Windows Media Player 6.4 and Winamp 5.32, and experts worried whether the bug may be exploitable in more recent versions of the popular media applications as well.
But protection is on the way, as 3ivx told SCMagazineUS.com today in an email that the company plans to issue a software update later this week. A company spokeswoman said the vulnerability is actually in the MP4 file format reader, not the MPEG-4 codec.
"The specific vulnerability is when MP4 or M4A file metadata (Artist, Album, Title, etc.) data is larger than expected, thus causing a buffer overflow," she said. "The problem with the various attacks available is they require a specific version of an MPEG-4 filter to be installed, and a specific player to be used to play the crafted MP4. Interestingly, if this were to become a serious problem for video content portals, it would be possible to scan content for invalid metadata before making the content available to the public. A little bit like virus scanning."
Don't let it come to that. Make sure you upgrade to the 5.0.2 release.
But protection is on the way, as 3ivx told SCMagazineUS.com today in an email that the company plans to issue a software update later this week. A company spokeswoman said the vulnerability is actually in the MP4 file format reader, not the MPEG-4 codec.
"The specific vulnerability is when MP4 or M4A file metadata (Artist, Album, Title, etc.) data is larger than expected, thus causing a buffer overflow," she said. "The problem with the various attacks available is they require a specific version of an MPEG-4 filter to be installed, and a specific player to be used to play the crafted MP4. Interestingly, if this were to become a serious problem for video content portals, it would be possible to scan content for invalid metadata before making the content available to the public. A little bit like virus scanning."
Don't let it come to that. Make sure you upgrade to the 5.0.2 release.
