Attacks exploiting RealPlayer zero-day in progress

Filed under Vulnerabilities

Yet another example of vulnerabilities in client software (ie: drive by downloads)..which is a huge attack vector. I can’t remember when the last remotely exploitable vulnerability was. As usual, IE ActiveX is to blame (when running RealPlayer 10.5 or 11 beta). Below is an article about the vulnerability:

Attacks exploiting RealPlayer zero-day in progress

Security Focus BID here.

Patch located here.

If you haven’t already..as a reminder stop using IE and use Firefox or another non-ActiveX browser. You may also want to disable ActiveX even if you don’t use IE on your Windows PC to mitigate the potential risk of future exploits.

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*