RealPlayer security upgrade available
Important updates for your REAL PLAYERSecurity vendor Secunia on Tuesday reported a partial fix for a critical vulnerability it first reported last week affecting the RealPlayer software used to play media within Internet browsers on Windows, Mac, and Linux systems.
Specially crafted Shockwave files could lead to a buffer overflow, which could cause memory corruption under certain circumstances and allow a remote attacker to expose sensitive information on a compromised machine.
The following products are affected by one or all vulnerabilities
(see vendor's advisory for details):
* RealPlayer 11 (11.0.0 - 11.0.2 builds 6.0.14.738 - 6.0.14.802)
* RealPlayer 10.5 (6.0.12.1040-6.0.12.1663, 6.0.12.1698, 6.0.12.1741)
* RealPlayer 10
* RealPlayer Enterprise
* Mac RealPlayer 10.1 (10.0.0.396 - 10.0.0.503)
* Mac RealPlayer 10 (10.0.0.305 - 352)
* Linux RealPlayer 10
Solution:
Update to the latest versions. Please see the vendor's advisory for details [REAL PLAYER]
NOTE: Vulnerability #1 is not fully fixed in the updated RealPlayer 11.0.3 Build 6.0.14.806 and users are advised to set the kill-bit for the ActiveX control.
Windows Players:
:: Windows XP or Vista, please click here to download RealPlayer 11 from the web.
:: Windows 2000, Windows ME or Windows 98SE, you may get the security updates in the most recent version of RealPlayer 10.5 by following the instructions below.
RealOne Player (English only), RealOne Player V2, RealPlayer 10 and RealPlayer 10.5 customers require a full download to correct this issue. Please use the following steps to upgrade your Player:
1. In the Tools menu select Check for Update.
2. Select the box next to the "RealPlayer 10.5 with Harmony™ Technology" component.
Click Install to download and install the update
RealPlayer 8 (version 6.0.9.584) customers please use the following steps to upgrade your Player:
1. Go the Help menu.
2. Select Check for Update.
3. Select the box next to the "RealPlayer 10.5 with Harmony™ Technology" component.
4. Click Install to download and install the update.
RealPlayer Enterprise Solution:
"RealPlayer Enterprise product updates are available on your PAM site. For additional
information regarding RealPlayer Enterprise please click here."
RealPlayer for Mac OS X:
RealPlayer 10 for Mac OS X customers need to get the latest player to address this security issue. Please click here to upgrade your RealPlayer 11.
Linux Players:
Please click here to get an updated RealPlayer 11 for Linux.
::Subscribe for updates::
