A serious security vulnerability that affects people using a combination of Real Player and Internet Explorer on Windows PCs may have been discovered by NASA. Symantec has assigned the vulernability its highest possible threat level, according to Computer World.
The method in which Real Player works in tandem with Internet Explorer has created a hole through which malicious code can be downloaded to a person’s PC when they visit certain Web sites. An excerpt of the alleged NASA memo warning of the vulernability can be found on Roger’s Information Security Blog.
Although Real Networks is aware of the vulnerability, no fix is available at the time of this writing. Users are advised to either cease using Internet Explorer or uninstall Real Player until a patch is released. If you must use Real Player, Mozilla Firefox is a good alternative to IE.
Source: Mashable.
7 responses
October 22nd, 2007
Michael says:
Who even uses Real Player? I’ve heard that it kind of sucks. I mean if you really want a real alternative to WMP (or couldn’t upgrade to version 11), then WinAmp is the one.
And Firefox being an alternative to IE? Please. Obviously people haven’t even tried IE7 to see that it work just as well and even better with tons of security features, and sites still work crisp on IE compared to Firefox. Plus it’s not a memory hog.
If you want an alternative, go to Opera. That’s the one. Speedy and it just works.
Wanted to put some input on that.
October 22nd, 2007
Real Player Security Vulnerability Patched says:
[...] The Real Player security vulnerability that we reported yesterday has been addressed by the folks at Real, who have released a patch to fix the issue. [...]
October 22nd, 2007
Of Zen and Computing says:
“Who even uses Real Player”
I hear you there. I’ve never liked the program and haven’t used it for many years. Ultimately though people still use it and this was meant to be an informational post, so I omitted my two cents.
“And Firefox being an alternative to IE? Please.”
Firefox is very much so an alternative to IE. IE 7 is a big improvement over 6, but it’s still just playing catch-up to many of the features Firefox has used to lure users away. Plus, Firefox is cross-platform, which is a major draw for people such as myself who use different operating systems over the course of a day.
Speaking of Firefox’s features, one that IE still has not been able to compete with is the level of customization that’s possible with Firefox. The various browser extensions and Greasemonkey scripts really make Firefox a winner.
If people like Jeffrey Zeldman & the Web Standards Project, along with software like Opera, Firefox and Netscape 6 hadn’t forced Microsoft to take web standards seriously, who knows where IE would have taken the web?
Firefox persuaded me to dump IE 6 in the same way that IE 5 won me over from Netscape. Use the best tool for the job, and at this point in time I like Firefox. So do many other people - the numbers alone prove that it’s a contender.
I do agree with you on the memory issue though - Firefox can be a real hog!
October 22nd, 2007
Michael says:
Ok, cool. I respect your opinions.
I agree with you. I still personally prefer IE7, but I can see why FF users love their Firefox.
October 22nd, 2007
Of Zen and Computing says:
Thanks - I appreciate a good debate! Why can’t the rest of the world be so civil?
October 22nd, 2007
Matt Spragins says:
RealNetworks has issued a patch for this vulnerability that users can download here - http://service.real.com/realplayer/security/191007_player/en/
For more information about these patches and how the new RealPlayer has been improved, please visit the RealPlayer blog at http://www.realplayer.com/blog.
Matt Spragins
Real Networks
October 22nd, 2007
Matt Spragins says:
Here is the correct link to our Blog;
http://realplayer.com/blog/
Sorry for any confusion.
Matt Spragins
Real Networks
Leave a Comment