US-CERT warns of RealPlayer exploit
US-CERT (United States Computer Emergency Readiness Team) today warned RealPlayer users that it has received reports of publicly available exploit code for the popular multimedia platform.
The response team, part of the U.S. Department of Homeland Security, said the exploit affects RealPlayer version 11, the most recent edition.
Ryan Luckin, a RealNetworks spokesman, told SCMagazineUS.com today that the company is investigating the US-CERT report.
RealNetworks has contacted Gleg.net, a Moscow-based security testing firm that posted the exploit code on its site, but has yet to hear back, Luckin said. He added that the attack has not been used in the wild.
"It seems they just wrote a script and decided to post it and say, 'Hey, we can do this,'" Luckin said.
Last year experienced multiple high-profile vulnerabilities affecting media players.
In October, attackers launched limited attacks against a zero-day ActiveX vulnerability in RealPlayer. The flaw permitted attackers to bypass long parameters and cause stack-based overflows, enabling them to execute arbitrary code and infect a victim's machine with a trojan downloader; it was patched within three days.
Experts have said that attacks against media players will increase because end-users often consider the applications safe against malicious code.
"Anytime you've got players that are installed so pervasively around the world, it's a logical target for people who want to do a lot of damage," Luckin said.