Researcher discovers RealPlayer ActiveX bug

A security researcher said Monday he has discovered an unpatched ActiveX vulnerability in RealPlayer, the popular media player, and is working on an exploit.

The bug allows malware writers to potentially change heap blocks, which limit the amount of memory that can be stored, to overwrite certain registers, researcher Elazar Broad said today on the website for Neohapsis, a risk and security consultancy. Exploiting the flaw could result in the execution of malicious code.

RealPlayer uses an ActiveX control to play content inside a user's browser. The affected control is rmoc3260.dll version 6.0.10.45, Broad said.

In lieu of a fix, users are encouraged to set the kill bit for the control, he said.

A spokesman for RealPlayer, owned by Real Networks, did not immediately respond to a request for comment.

See original article on scmagazineus.com

Queensland gov reveals strategy to harden cyber defences

HCF chases near real-time intelligence on members' digital experience

Inside the API-First Shift Reshaping Enterprise Platforms

Dayforce shareholders back take-private deal

Uniting Care Through Technology: Better Health Network’s Seamless IT Transformation

Researcher discovers RealPlayer ActiveX bug

A security researcher said Monday he has discovered an unpatched ActiveX vulnerability in RealPlayer, the popular media player, and is working on an exploit.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

The BoM has finally tamed SSL

Commercial spyware targeted Samsung Galaxy users for months

Westpac factors post-quantum cryptography prep into "secure router" rollout

Researcher trawls cybercrime sites, collects billions of stolen credentials

Most popular tech stories

ABC drops Salesforce for Braze

Endeavour Group taps Qantas, Catch execs in digital leadership shake-up

Kmart Group tests AI in its finance operations

Westpac Intelligence Layer breaks cover

Uniting uses GenAI to cut admin burden for frontline care workers

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

'Touch-free' smartphone controlled with head movements

Telstra Purple acquires IoT specialists Alliance Automation, Aqura Technologies

Real-time information comes to Sydney bus stops

Govt launches consumer tech label program for smart devices

Queensland gov reveals strategy to harden cyber defences

HCF chases near real-time intelligence on members' digital experience

Inside the API-First Shift Reshaping Enterprise Platforms

Dayforce shareholders back take-private deal

Uniting Care Through Technology: Better Health Network’s Seamless IT Transformation

Researcher discovers RealPlayer ActiveX bug

A security researcher said Monday he has discovered an unpatched ActiveX vulnerability in RealPlayer, the popular media player, and is working on an exploit.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

The BoM has finally tamed SSL

Commercial spyware targeted Samsung Galaxy users for months

Westpac factors post-quantum cryptography prep into "secure router" rollout

Researcher trawls cybercrime sites, collects billions of stolen credentials

Most popular tech stories

ABC drops Salesforce for Braze

Endeavour Group taps Qantas, Catch execs in digital leadership shake-up

Kmart Group tests AI in its finance operations

Westpac Intelligence Layer breaks cover

Uniting uses GenAI to cut admin burden for frontline care workers

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

'Touch-free' smartphone controlled with head movements

Telstra Purple acquires IoT specialists Alliance Automation, Aqura Technologies

Real-time information comes to Sydney bus stops

Govt launches consumer tech label program for smart devices

Log In