22 Oct 2007
Online criminals are exploiting a new, unpatched vulnerability in the RealPlayer application.
Security firm Symantec said that fewer than 50 infections had been reported, and that the attack is currently limited to just a few websites.
The attack targets an unpatched vulnerability in the RealPlayer media player application.
RealNetworks told vnunet.com that a fix for the vulnerability should be available by the end of Friday (19 October).
The vulnerability lies in the way a RealPlayer component handles ActiveX calls. ActiveX is a system used to link Internet Explorer with other applications such as Real's media player.
When the user visits a specially crafted web page, malicious JavaScript is run which triggers the vulnerability and installs a trojan.
This trojan in turn downloads and installs another piece of malware which lowers the security settings in Internet Explorer, making it easier to carry out future attacks on the user's system.
Upon successfully executing the exploit, RealPlayer then plays a standard test video.
Symantec said that Firefox is not believed to be affected by the flaw, as it does not utilize ActiveX.
The company notes that this is not the first time a flaw in the component, known as ierpplug.dll, has been reported. Last December, a security researcher was able to exploit the component to achieve a denial of service.
The US Computer Emergency Response Team (US-CERT) advises users to disable ActiveX controls until a fix becomes available.
Symantec noted that advanced users can also mitigate the risk by setting a kill bit in the Windows registry, which prevents Internet Explorer from loading the vulnerable ActiveX control.
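As an added illustration of the two mitigations above (this is example code written for this page, not a script from the article, Symantec, US-CERT or RealNetworks), the PowerShell below sets and verifies an Internet Explorer kill bit and checks whether ActiveX has been disabled for the Internet zone. The article does not give the CLSID of the ierpplug.dll control, so the CLSID in the script is a placeholder; the `Find-ClsidForDll` helper shows one way to look it up from the registered InprocServer32 entries on a machine that has the plug-in installed. The kill bit itself is the documented `Compatibility Flags` value of 0x400 under `ActiveX Compatibility`, and the Internet-zone setting is action 1200 ("Run ActiveX controls and plug-ins"), where 3 means disabled.

```powershell
# Added example for this page; not the article's, Symantec's or RealNetworks' code.
# Run from an elevated PowerShell session. The CLSID below is a PLACEHOLDER:
# the article does not give the ierpplug.dll control's CLSID, so replace it
# with the value from the vendor or US-CERT advisory (or use Find-ClsidForDll).

$KillBitFlag = 0x400   # documented kill-bit flag in "Compatibility Flags"
$KillBitBase = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility'
# On 64-bit Windows the 32-bit IE reads the Wow6432Node hive instead; set both
# if you need to cover both browser bitnesses.
$KillBitBase32 = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'

# Look up CLSIDs whose InprocServer32 points at the given DLL name.
# Returns zero or more "{...}" strings; a DLL can register several controls.
function Find-ClsidForDll {
    param([Parameter(Mandatory)][string]$DllName)
    Get-ChildItem 'Registry::HKEY_CLASSES_ROOT\CLSID' -ErrorAction SilentlyContinue |
        ForEach-Object {
            $srv = Join-Path $_.PSPath 'InprocServer32'
            if (Test-Path $srv) {
                $dll = (Get-ItemProperty -Path $srv -ErrorAction SilentlyContinue).'(default)'
                if ($dll -and ($dll -like "*$DllName")) { $_.PSChildName }
            }
        }
}

# Set the kill bit for one CLSID under one base key, preserving other flag bits.
function Set-ActiveXKillBit {
    param(
        [Parameter(Mandatory)][string]$Clsid,
        [string]$Base = $KillBitBase
    )
    $key = Join-Path $Base $Clsid
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    $existing = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                 -ErrorAction SilentlyContinue).'Compatibility Flags'
    $new = ([int]$existing) -bor $KillBitFlag      # [int]$null is 0
    Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Value $new -Type DWord
}

# True when the kill bit is present for the CLSID under the given base key.
function Test-ActiveXKillBit {
    param(
        [Parameter(Mandatory)][string]$Clsid,
        [string]$Base = $KillBitBase
    )
    $key = Join-Path $Base $Clsid
    if (-not (Test-Path $key)) { return $false }
    $flags = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
              -ErrorAction SilentlyContinue).'Compatibility Flags'
    return (([int]$flags) -band $KillBitFlag) -eq $KillBitFlag
}

# True when "Run ActiveX controls and plug-ins" (action 1200) is set to
# Disable (3) for the Internet zone (zone 3) of the current user, which is
# the blunter mitigation US-CERT recommends.
function Test-InternetZoneActiveXDisabled {
    $zone = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'
    if (-not (Test-Path $zone)) { return $false }
    $value = (Get-ItemProperty -Path $zone -Name '1200' -ErrorAction SilentlyContinue).'1200'
    return ([int]$value) -eq 3
}

# --- usage ---
$clsid = '{00000000-0000-0000-0000-000000000000}'   # PLACEHOLDER, replace
$found = Find-ClsidForDll -DllName 'ierpplug.dll'
if ($found) { $clsid = @($found)[0]; Write-Host "Found control CLSID: $clsid" }

Set-ActiveXKillBit -Clsid $clsid
if (Test-Path $KillBitBase32) { Set-ActiveXKillBit -Clsid $clsid -Base $KillBitBase32 }

Write-Host ("Kill bit set for {0}: {1}" -f $clsid, (Test-ActiveXKillBit -Clsid $clsid))
Write-Host ("ActiveX disabled in Internet zone: {0}" -f (Test-InternetZoneActiveXDisabled))
```

The kill bit is preferable to disabling ActiveX outright because it blocks only the control in question; `Set-ActiveXKillBit` ORs the flag in rather than overwriting the value, so any other compatibility flags already set for that CLSID are kept. Group Policy can push the same `ActiveX Compatibility` value across a fleet, and the vendor patch, once applied, should still be installed, since the kill bit only stops IE from instantiating the control and does not remove the vulnerable code.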
Real Player ignores the default browser
I'm a FireFox user exclusively and recently Real Player keeps sending a "Security Alert" message regarding the above mentioned "flaw". When you click on the "Get the update now" button, Real Player opens an IE7 session and ignores my chosen default browser "FF". So this "security fix" forces an IE7 open, just the security problem we try to avoid by using FF. Great fix Real Player...
Posted by: Ken McKenzie 13 Nov 2007
RealPlayer Update
RealNetworks has issued a patch for this vulnerability that users can download here - http://service.real.com/realplayer/security/191007_player/en/ For more information about these patches and how the new RealPlayer has been improved, please visit the RealPlayer blog at www.realplayer.com/blog.
Matt Spragins, Real Networks
Posted by: Matt Spragins 25 Oct 2007