Security patches issued for RealPlayers
RealNetworks releases patches for its audio-video players in an effort to prevent attacks via buffer overflows.
RealNetwork's patches, released Tuesday, address vulnerabilities in the software that could allow an attacker to run arbitrary or malicious code on a person's computer when a malicious WAV or SMIL file is processed.
Secunia, a security information company, rated the vulnerabilities as critical.
The company released updates for flaws in the Mac RealPlayer 10 and for several Windows players, including RealPlayer 10.5, RealPlayer 10, RealPlayer Enterprise and certain versions of RealOne Player v2.
Upgrades are required for Windows players RealOne Player v1, RealPlayer 8 and certain versions of RealOne Player v2. Upgrades are also needed for the Mac RealOne Player, Linux RealPlayer 10, and the Helix Player for Linux.
Another flaw was discovered in the players in October. That vulnerability could have allowed an attacker to create fake movie files that would run a program on victims' computers.