Attacks exploiting RealPlayer zero-day in progress

[<rms () computerbytesman com>]

http://www.computerworld.com/action/article.do?command=viewArticleBasic
<http://www.computerworld.com/action/article.do?command=viewArticleBasic&art
icleId=9043319&intsrc=news_ts_head> &articleId=9043319&intsrc=news_ts_head

 

October 19, 2007 (Computerworld) <http://www.computerworld.com>  --
Attackers are exploiting a zero-day vulnerability in RealPlayer in order to
infect Windows machines running Internet Explorer
<http://www.computerworld.com/action/inform.do?command=search&searchTerms=Mi
crosoft+Internet+Explorer> , Symantec Corp.
<http://www.computerworld.com/action/inform.do?command=search&searchTerms=Sy
mantec+Corporation>  said late Thursday. The security company issued an
alert that rated the threat with its highest possible score. 

According to a warning issued to customers of its DeepSight threat network,
Symantec said an ActiveX
<http://www.computerworld.com/action/inform.do?command=search&searchTerms=Ac
tiveX>  control installed by RealNetworks Inc.
<http://www.computerworld.com/action/inform.do?command=search&searchTerms=Re
alNetworks+Inc.> 's RealPlayer program is flawed. When combined with
Microsoft Corp.'s Internet Explorer (IE) browser -- which relies on ActiveX
controls to extend its functionality -- the bug can be exploited and
malicious code downloaded to any PC that wanders to a specially crafted
site. 

Only systems on which both RealPlayer and IE have been installed are
vulnerable. 

.

 

A little more here:

 

http://www.securityfocus.com/bid/26130/info

 

 

 

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.