Researcher discovers RealPlayer ActiveX bug

A security researcher said Monday he has discovered an unpatched ActiveX vulnerability in RealPlayer, the popular media player, and is working on an exploit.

The bug allows malware writers to potentially change heap blocks, which limit the amount of memory that can be stored, to overwrite certain registers, researcher Elazar Broad said today on the website for Neohapsis, a risk and security consultancy. Exploiting the flaw could result in the execution of malicious code.

RealPlayer uses an ActiveX control to play content inside a user's browser. The affected control is rmoc3260.dll version 6.0.10.45, Broad said.

In lieu of a fix, users are encouraged to set the kill bit for the control, he said.

A spokesman for RealPlayer, owned by Real Networks, did not immediately respond to a request for comment.

See original article on scmagazineus.com

Australian chief at US defence contractor L3Harris sold exploits to Russia

Coles offers ChatGPT Enterprise to corporate staff

Amazon launches AI infrastructure project

Coles to transform finance as 'cloud ERP' program evolves

NSW Office for AI appoints its first director, looks for 13 more staff

Researcher discovers RealPlayer ActiveX bug

A security researcher said Monday he has discovered an unpatched ActiveX vulnerability in RealPlayer, the popular media player, and is working on an exploit.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Euro cops take down cybercrime network with 49 million fake accounts

QLD government retires CISO position title

Hidden "Glassworm" malware spreads through infected VS Code extensions

Tasmanian gov agencies impacted by cyber attack

Most popular tech stories

Coles to transform finance as 'cloud ERP' program evolves

IAG bolsters martech stack to drive customer engagement

Jemena builds out finance automation for its month-end processes

Mondelez to use gen AI tool to create marketing videos

ASIC's payroll revamp helps it repatriate staff from ATO

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

'Touch-free' smartphone controlled with head movements

Govt launches consumer tech label program for smart devices

Melbourne reveals its smart city ambitions

Australian chief at US defence contractor L3Harris sold exploits to Russia

Coles offers ChatGPT Enterprise to corporate staff

Amazon launches AI infrastructure project

Coles to transform finance as 'cloud ERP' program evolves

NSW Office for AI appoints its first director, looks for 13 more staff

Researcher discovers RealPlayer ActiveX bug

A security researcher said Monday he has discovered an unpatched ActiveX vulnerability in RealPlayer, the popular media player, and is working on an exploit.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Euro cops take down cybercrime network with 49 million fake accounts

QLD government retires CISO position title

Hidden "Glassworm" malware spreads through infected VS Code extensions

Tasmanian gov agencies impacted by cyber attack

Most popular tech stories

Coles to transform finance as 'cloud ERP' program evolves

IAG bolsters martech stack to drive customer engagement

Jemena builds out finance automation for its month-end processes

Mondelez to use gen AI tool to create marketing videos

ASIC's payroll revamp helps it repatriate staff from ATO

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

'Touch-free' smartphone controlled with head movements

Govt launches consumer tech label program for smart devices

Melbourne reveals its smart city ambitions

Log In