Tuesday, October 23, 2007

RealPlayer Zero-Day Patch Released

Via RealNetworks -

RealNetworks has issued a fix for a vulnerability, identified by Symantec, that affects the import method of an Active X control.

RealPlayer 10.5 and RealPlayer 11 beta users should install the following patch to address this security vulnerability that aims to cause buffer overflow that could provide the potential for an attacker to run arbitrary or malicious code on a user’s PC.

RealOne Player, RealOne Player v2 and RealPlayer 10 users should upgrade immediately to RealPlayer 10.5 or RealPlayer 11 beta and install the available patch to ensure this security vulnerability is addressed.

2 comments:

  1. RealNetworks has issued a patch for this vulnerability that users can download here - http://service.real.com/realplayer/security/191007_player/en/

    For more information about these patches and how the new RealPlayer has been improved, please visit the RealPlayer blog at www.realplayer.com/blog.

    Matt Spragins
    Real Networks

    ReplyDelete