Real reveals six new bugs in RealPlayer

More problems for player used in ad server attack; Mac and Linux versions at risk

For the second time in eight days, new critical vulnerabilities that could be used to hijack machines have been fingered in the RealPlayer media player. The patched editions released last week for Windows, however, are not vulnerable to the half-dozen bugs, RealNetworks said.

Hard on the heels of the revelation that RealPlayer sported a major flaw and that the bug had been exploited by hackers who had compromised an ad server owned by 24/7 Real Media to spread malware to visitors of legitimate, trusted Web sites, RealNetworks posted information about the latest vulnerabilities.

All six bugs involve RealPlayer's problems parsing file formats and could be exploited by hackers who first crafted malicious files, then duped users into either opening those rigged files when they received them as e-mail attachments or visiting an attack site that hosted such files. Among the file types: .mov, .mp3, .rm, SMIL, .swf, .ram and .pl.

"Attackers can exploit these issues to execute arbitrary code in the context of RealPlayer," Symantec said in an alert. "Successful attacks can compromise the application and the underlying computer."

RealNetworks said that the most up-to-date Windows editions of RealPlayer 10.5 and beta Version 11 are immune to the attacks. Those versions were released last Friday (pacific time) when RealNetworks fixed a flaw in an ActiveX control it installed on systems running Internet Explorer. At least one of the newest flaws can also be traced to the ActiveX control.

Unlike last week's problem, however, four of the six vulnerabilities disclosed also can be exploited on Mac and Linux machines that have RealPlayer installed. Updated editions are also available for those operating systems, with links available from the security bulletin RealNetworks posted on its site.

Copenhagen-based vulnerability tracker Secunia ApS rated the six just-revealed RealPlayer bugs collectively as "highly critical," the second-highest mark it gives. Symantec rated the bugs separately, with at least one pegged as 8.5 out of a possible 10. But RealNetworks downplayed the risk. "We have received no reports of any machines actually compromised as a result of the now-remedied vulnerabilities," the company claimed.

It can't say the same for last week's vulnerability, which was used by unknown attackers to plant a Trojan horse on PCs whose owners had visited supposedly safe Web sites. The hackers had previously hijacked an ad server operated by Internet advertising company 24/7 Real Media Inc., then infected valid ads that 24/7 served to legitimate sites. When users viewed a page with an infected ad, their Internet Explorer browser was silently redirected to a malicious page from which the Trojan was downloaded and installed.

Although Symantec posted a detailed analysis of the RealPlayer vulnerability and the use of the compromised ad server, 24/7 Real Media has not responded to repeated e-mails this week seeking comment.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Gregg Keizer

Computerworld
Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?