CNET también está disponible en español.

Ir a español

Don't show this again


Fixes in for RealPlayer flaws

RealNetworks patches a "critical" clutch of holes in its media player products, which could be used to let intruders run code on PCs.

RealNetworks has warned of four flaws in its media player software, three of which pose a severe security risk.

The Seattle-based digital media company released patches on Thursday to fix the problems. The bugs affect older versions of its flagship RealPlayer as well as of Rhapsody, Helix Player and RealOne Player. They aren't found in the most recent versions of RealPlayer and Rhapsody, according to a company advisory. The flaws are found in RealNetworks' software for Microsoft Windows, Mac OS X and Linux systems.

iDefense, a VeriSign company, is one of those credited by RealNetworks with reporting a problem. It has issued a

The vulnerabilities have been rated "highly critical" in an advisory from Secunia. The Danish security company said that one flaw in processing SWF files, used to play Flash media, could also be used to commandeer a computer. Another bug, in the processing of MBC files used for Mimio BoardCast audio sessions, could also ultimately allow a break-in on a machine.

While no cases of actual compromised computers have surfaced, RealNetworks strongly recommends people upgrade to the most current version of its media software. A detailed list of vulnerable versions and the free upgrades can be found on its posted alert.