RealNetworks patches exploited security hole

Only the Windows versions of RealOne Player, RealOne Player version 2, RealPlayer 10 and RealPlayer 11 beta are affected.

To address a security hole being exploited by hackers, RealNetworks has issued a security fix for the Windows versions of RealOne Player, RealOne Player version 2, RealPlayer 10.5 and RealPlayer 11 beta. The Windows versions of RealPlayer 8 and earlier versions of RealNetworks are not vulnerable. Linux and Macintosh versions of RealPlayer are also not affected.

The attack targets an ActiveX object installed by RealPlayer, and affects how that object interacts with the Internet Explorer browser. The exploit, if executed, can corrupt process memory and execute arbitrary code.

Affected users should upgrade to RealPlayer 10.5 or RealPlayer 11 beta and install the the latest patch, which was released Friday.

About the author

    As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

     

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Galleries from CNET
    Bento boxes and gear for hungry geeks (pictures)
    The best tech products of 2014
    Does this Wi-Fi-enabled doorbell Ring true? (pictures)
    Seven tips for securing your Facebook account
    The best 3D-printing projects of 2014 (pictures)
    15 crazy old phones from a Korean museum (pictures)