News Stay informed about the latest enterprise technology news and product updates.

RealNetworks issues advisory for more critical flaws

In less than a week, RealNetworks Inc. widened the scope of its advisory to include all previous versions of its popular media players.

RealNetworks Inc. has released a second round of updates in less than a week for critical vulnerabilities in its RealPlayer, RealOne and HelixPlayer that could be exploited by an attacker to gain access to a system.

The second round expands the scope if the first advisory, addressing a different flaw in the way the players handle media files. Last week, the Seattle-based digital entertainment services vendor confirmed that attackers could exploit versions 10.5 and 11 beta of its popular media player to run malicious code on targeted machines.

This time versions 10.5 and earlier are affected, RealNetworks said in its updated advisory.

The problem is with boundary errors occurring when the players attempt to play various media files. An attack could be carried out when the victim visits malicious Web sites with Microsoft's Internet Explorer Web browser.

"We have received no reports of any machines actually compromised as a result of the now-remedied vulnerabilities," RealNetworks said.

Danish vulnerability clearinghouse Secunia rated the flaw "highly critical," since an exploit can be carried out remotely.

Dig Deeper on Productivity apps and messaging security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.