toggle

AAPL Stock: 442.97 ( + 0.04 )

http://www.macnn.com/articles/08/07/29/realplayer.exploit.fix/

Security issues found in RealPlayer 10 for Mac

updated 02:35 pm EDT, Tue July 29, 2008

 

RealPlayer exploit fix


RealNetworks is urging Mac users to upgrade to version 11.0 of its RealPlayer application, due to a potential security exploit. The malware research site Secunia rates the problem as "highly critical," with potential risk of malicious system access and exposure of sensitive information. The vulnerability affects Realplayer v10 and v10.1 for Mac OS X. The company did not issue a patch, but is instead urging users to upgrade to RealPlayer 11.0. The company says there is a problem with Realplayer's ActiveX import method buffer overflow.

An advisory posted by Secunia says an error in the ActiveX control could cause memory corruption under certain circumstances. Hackers could use this weakness to compromise a user's system. The problem also affects some versions of RealPlayer for Windows and Linux. RealPLayer 11.0 for Mac -- and updates for other platforms -- are available at no cost from RealNetwork's website.


by MacNN Staff

Post tools:

TAGS :

 security, software, RealNetworks, malware

Related Articles

Recent Articles

toggle

Comments

  1. Guest

    Fresh-Faced Recruit

    Joined: Nov 1999

    0
    07/29, 03:27pm | report spam | Reply |

    Audio broken in 11

    I use a MOTU firewire interface for audio playback and RP 11's audio does not work. The audio simply gurgles along and is completely unintelligible.

  1. Mr. Strat

    Junior Member

    Joined: Jan 2002

    0
    07/29, 03:30pm | report spam | Reply |

    Who cares?

    I won't allow Real Player on any computer I use - PC or Mac. What a piece of s***!

  1. bonaccij

    Fresh-Faced Recruit

    Joined: Jun 2003

    0
    07/29, 03:31pm | report spam | Reply |

    But there is a problem!

    The problem with upgrading to RP 11 is that if you have a wireless internet connection, it will totally make your (Apple) laptop non-functional. I have posted over and over (including fixes) about these problems and none of them have been addressed yet by Real. For computers that aren't wireless, yes, it is a great upgrade. Everyone else should be very careful when deciding to upgrade to this release (build 884). You can check my posts on Versiontracker.

  1. ViktorCode

    Fresh-Faced Recruit

    Joined: Jan 2006

    0
    07/29, 03:46pm | report spam | Reply |

    Avoid Real Player

    Free advice: avoid this player. Slow, clunky, annoying piece of adware - this what it was few years ago when I fired it up for the first and the last time.

  1. jimothy

    Fresh-Faced Recruit

    Joined: Sep 2000

    0
    07/29, 05:20pm | report spam | Reply |

    Could be dangerous!

    Whew, thank goodness nobody uses Real! This could have been a serious problem.

  1. jscotta

    Fresh-Faced Recruit

    Joined: Jun 2002

    0
    07/30, 04:54pm | report spam | Reply |

    Real is still exists?

    I didn't know that Real still existed. And I'm shocked that anyone allows their stuff on any computer.

  1. jscotta

    Fresh-Faced Recruit

    Joined: Jun 2002

    0
    07/30, 04:55pm | report spam | Reply |

    Real is still exists?

    I didn't know that Real still existed. And I'm shocked that anyone allows their stuff on any computer.

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

MaxUpgrades MaxConnect for 2006-2008 Mac Pro

Nobody outside of Cupertino's privileged bunch knows the future of the Mac Pro line for sure. Despite Apple's reluctance to tell us wh ...

Brother HL-3170CDW LED Printer

We've mentioned before that we are far from a paperless society. For now, at least, there are tasks that require a piece of paper for ...

HTC One

It is hard to overstate just how critically important the HTC One is to the Taiwanese company’s fortunes. Despite its alarming decline ...

toggle

Most Commented

 

Popular News