On January 17th, 2002, a security exploit affecting RealPlayer 8 was brought to the attention of RealNetworks. The specific exploit, commonly known as a "buffer overrun", could allow an attacker to run arbitrary code on a victim's machine. We have not yet received reports of anyone actually being attacked with this exploit, however, a fix will be made available by end of day Friday via the RealPlayer AutoUpdate Service, and for Enterprise RealPlayer users at: http://www.service.real.com/help/faq/security/index.html. RealNetworks would like to thank Tim Morgan for reporting this issue to us and working with us to protect customers from unauthorized access to sensitive or proprietary information.
This archive was generated by hypermail 2b30 : Fri Jan 25 2002 - 12:04:45 PST