Critical Bug Found In Winamp 5.34

Winamp Danish vulnerability tracker Secunia and eEye Digital Security of California have discovered a flaw in the Winamp 5.34 plugin that decodes MP4 files. It seems that an attacker could compromise a computer by feeding a specially made MP4 file to the player. This would allow the attacker to execute malicious code remotely. According to eEye’s alert:

“A media player remote code execution vulnerability has a very high impact since the source of the malicious payload can be any site on the Internet. An even more critical problem is generated when clients are administrators on their local hosts, which would run the malicious payload with administrator credentials.”

While we wait for a patch from Nullsoft, a simple way to prevent this is to disassociate the .mp4 extension from Winamp by going to Options -> Preferences, then General Preferences -> File Types and deselecting MP4.

Technorati Tags: Winamp 5.34, Security Holes

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.

(No Ratings Yet)

Loading ...

Liked this post? Subscribe to the RSS Feed

Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback.

Post Info

This entry was posted on Thursday, May 3rd, 2007 and is filed under Internet News. .

You can follow any responses to this entry through the Comments Feed. You can Leave A Comment, or A Trackback.

Previous Post: Anti-Gravity Machine For Your Desk »
Next Post: Sony PSP Camera Arrives Next Month »

Related Posts:

Back to the Homepage

Latest Posts:

Note: Any comments are permitted only because the site owner is letting you post, and any comments will be removed for any reason at the absolute discretion of the site owner.