RealNetworks on Wednesday disclosed four critical bugs in a large number of its media products, then rolled out new, patched versions for Windows, Mac OS X, and Linux.
RealNetworks on Wednesday disclosed four critical bugs in a large number of its media products, then rolled out new, patched versions for Windows, MacOS X, and Linux.
The flaw quartet -- collectively labeled as "highly critical" by Danish vulnerability tracker Secunia -- affect RealPlayer, Rhapsody, Helix Player, and RealOne Player, said RealNetworks. Patched editions can be downloaded from the company's support Web site.
Vulnerabilities in how the products process .swf (Flash) and .mbc (Mimio) files, as well as others exploitable by malicious Web sites via surreptitious drive-by downloads, could allow hackers to run their own code on PCs and Macs.
The most recent versions of the popular RealPlayer media player, are not at risk; nor is the software for RealNetwork's music subscription service, Rhapsody.
RealNetworks said it has received no reports of systems actually hit with an exploit, but it still urged users to update as soon as possible.
RealPlayer required repeated patching in 2005, with fixes rolled out by the Seattle, Wash. company inNovember andOctober.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.