Real Networks on Friday made a patch available for the zero-day vulnerability in its popular RealPlayer. Symantec researchers, a couple of days earlier, had disclosed a highly critical ActiveX vulnerability that could have permitted remote attackers to execute arbitrary code.
The bug affects the latest versions - RealPlayer 10.5 and RealPlayer 11 beta.
Because this application is highly used, users should apply the fix as soon as possible. Researchers said the flaw was being exploited in limited and targeted in-the-wild attacks.
Fix information is available here.
RealPlayer flaw patched - so patch!
By Dan Kaplan on Oct 24, 2007 4:56PM