Security holes affect RealNetworks' media player
updated 02:15 pm EDT, Fri October 1, 2004
RealPlayer security
eEye has uncovered new affecting a wide range of RealNetworks' media players, including the Mac version, according Techworld. "The flaws could be exploited via a malicious Web page or a RealMedia file run from a local drive to take over a user's system or delete files, according to RealNetworks. The most serious of the three new bugs involves malformed calls, and could be exploited via a player embedded in a malicious site to execute arbitrary code. This bug affects RealPlayer 10, 10.5.... A second bug could also allow malicious code execution, but only via a local RM file, RealNetworks said. The bug affects several versions of RealPlayer and RealOne Player on Windows, Mac OS X and Linux." Update: These security problems are fixed in the final version of RealPlayer 10 (and were only present in the beta).














Moral of the story...
10/01, 11:46am reply
never install Real c*** on any computer you care about.
Then again, I'm sure you knew that already.
CambAngst
Forum Regular
Joined: Aug 2003
Spin
10/01, 11:56am reply
How are they going to spin this to blame Steve Jobs?
beeble
Fresh-Faced Recruit
Joined: Mar 2004
Surprised?
10/01, 11:57am reply
This is precisely why I keep Rob (have another donut) Glaser's c*** off of my Mac in the first place.
MacnTX
Fresh-Faced Recruit
Joined: Apr 2004
REAL Favor!
10/01, 12:24pm reply
Real should do everyone a big favor and curl up and die! All of their software has and always will suck. The quicker they go under, the better.
the_glassman
Mac Elite
Joined: Apr 2003
bug...or feature?
10/01, 12:27pm reply
I bet Real added this code as a feature to allow access to users machines. The RIAA probably had something to do with it, too. :) Now it's a bug because it's been discovered. Time to shutter up those offices Real, and have a fire sale on your Aerons and cubicle walls.
riverfreak
Mac Enthusiast
Joined: Aug 2001
Surprised?
10/01, 01:01pm reply
Wait, I thought Real's software was a virus. Its caused me countless hours of frustration and irritation, locking up my system, causing data loss, and has always been a pain to uninstall. If that's not a virus, I don't know what is. (Just an FYI, I also consider anything from Symantec as a virus as well - nothing like having trouble booting because you loaded in a new set of virus definitions).
testudo
Fresh-Faced Recruit
Joined: Aug 2001
turds
10/01, 01:07pm reply
And everytime you view a real player link it leaves a t*** ram file your desktop. Not to mention crashing often.
Jablabla
Fresh-Faced Recruit
Joined: Jan 2000
thats it
10/01, 01:09pm reply
Real removed from hard drive.
Jablabla
Fresh-Faced Recruit
Joined: Jan 2000
You can be smarter....
10/01, 01:58pm reply
If you look at the linked articled, it has a link to a service page on real which clear explains what the exploits are and which versions are imapcted. The latest Mac player is not, in fact, effected.
Remember that Apple just suffered two vulnerabilities with iChat a fact pointed out in the article. Remember two update a few weeks ago?
Stop wishing Real to go out of business. The people who work there have families and children and work hard to make a better product. Just because you're a rabid apple fan doesn't mean you have to wish ill health on people.
If you don't like the product, don't use it. But don't accuse them of doing something they're not doing.
redwood
Fresh-Faced Recruit
Joined: Oct 2003
Real
10/01, 02:27pm reply
I don't wish ill will or foreclosure on Real. They're certainly entitled to compete in the same business as Apple. I just wish they wouldn't resort to blatant cheap and illegal tactics (i.e. marketing under false intentions and pretenses) when doing so.
MChieh
Fresh-Faced Recruit
Joined: Jul 2000