RealPlayer vulnerable in Internet Explorer

Security experts are warning users to stop using the RealPlayer on Internet Explorer until a patch is released for a flaw researchers discovered which could allow code execution.

Researcher Elazar Broad has posted to the the Full Disclosure mailing list a so-called heap overflow vulnerability that makes it possible for an attacker to modify heap blocks after they are freed and overwrite certain registers.

This could allow code execution on a compromised machine. The vulnerability affects all versions of RealPlayer running under Internet Explorer.

Exploit code for this flaw has not yet been made public.

Without a patch from RealPlayer, security experts recommend disabling the killbit for the following ActiveX ClassIDs:

• 2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93;
• CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA.

However, disabling these killbits will also remove some functionality within the player.

To avoid the loss of functionality, security experts recommend using RealPlayer in a browser that doesn't support ActiveX, such as Mozilla Firefox (for Windows and Mac).

This article was first published as a blog on CNET News.com.

Talkback 0 comments

• IT and Telecommunications Jobs Australia Risk and Compliance Manager
• Compliance and Risk Analyst 3 month initial contract (C3)
• Senior Manager Information Security, Risk and Compliance/Melbourne/$
• JD 0905775 – Information Security Analyst – Vendor Assessments (base in Hong Kong)
• Information Security Analyst

TechGuides

How to protect yourself from RAID-related UREs

An Unrecoverable Read Error during a RAID rebuild can ruin an entire day. Scott Lowe talks about UREs and how you can avoid falling victim to this silent threat.

Read more »

Latest from Blog Central

Buying a projector? Try an LED TV instead

Read more »

Cutting-edge technology from premium sponsors

What are
Eco-Products? »

View Featured
Eco-Products »

Brought to you by:

 

 

 

More Tech Showcases:

Juniper Networks

Hitachi Eco-Products