All the latest UK technology news, reviews and analysis
|
|
|
31 Jan 2006
Winamp has published a security update to fix a critical vulnerability in its media player.
The move came after a security researcher known only as 'Kozan' discovered a flaw in Winamp 5.12 that could be exploited to compromise users' systems. Proof of concept code was published on Sunday.
Attackers could exploit the flaw through a specially crafted playlist file. On opening the file the flaw results in a buffer overflow, allowing remote hackers to launch applications and take control of compromised systems.
The vulnerability effectively allows the attacker to turn the computer into a zombie system or steal data from the system's hard drive.
Security firm Secunia gave the flaw its most severe security rating of 'extremely critical'.
The free Winamp media player is owned by AOL, and the vulnerability has been confirmed only for version 5.12.
Users launching the application will automatically be prompted to update to version 5.13, an AOL spokesperson told vnunet.com. Alternatively they can download the updated application from the Winamp website.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Business Analyst urgently required with a background...
We have an opportunity for an experienced Business Architect...
Leading Institutional Investment Manager require an individual...
Leading Institutional Fund Manager require a Senior IT...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?