Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Patch/Configuration Management, Incident Response, TDR, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

US-CERT warns of RealPlayer exploit

Updated Wednesday Jan. 2, 2008 at 6:49 p.m. EST

US-CERT (United States Computer Emergency Readiness Team) today warned RealPlayer users that it has received reports of publicly available exploit code for the popular multimedia platform.

The response team, part of the U.S. Department of Homeland Security, said the exploit affects RealPlayer version 11, the most recent edition.

Ryan Luckin, a RealNetworks spokesman, told today that the company is investigating the US-CERT report.

RealNetworks has contacted, a Moscow-based security testing firm that posted the exploit code on its site, but has yet to hear back, Luckin said. He added that the attack has not been used in the wild.

"It seems they just wrote a script and decided to post it and say, 'Hey, we can do this,'" Luckin said.

Last year experienced multiple high-profile vulnerabilities affecting media players.

In October, attackers launched limited attacks against a zero-day ActiveX vulnerability in RealPlayer. The flaw permitted attackers to bypass long parameters and cause stack-based overflows, enabling them to execute arbitrary code and infect a victim's machine with a trojan downloader; it was patched within three days.

Experts have said that attacks against media players will increase because end-users often consider the applications safe against malicious code.

"Anytime you've got players that are installed so pervasively around the world, it's a logical target for people who want to do a lot of damage," Luckin said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.