Researcher discovers RealPlayer ActiveX bug

A security researcher said Monday he has discovered an unpatched ActiveX vulnerability in RealPlayer, the popular media player, and is working on an exploit.

The bug allows malware writers to potentially change heap blocks, which limit the amount of memory that can be stored, to overwrite certain registers, researcher Elazar Broad said today on the website for Neohapsis, a risk and security consultancy. Exploiting the flaw could result in the execution of malicious code.

RealPlayer uses an ActiveX control to play content inside a user's browser. The affected control is rmoc3260.dll version 6.0.10.45, Broad said.

In lieu of a fix, users are encouraged to set the kill bit for the control, he said.

A spokesman for RealPlayer, owned by Real Networks, did not immediately respond to a request for comment.

See original article on scmagazineus.com

New York to require social media platforms to display mental health warnings

Trump's AI hiring campaign draws interest from 25,000 hopefuls

Waymo to update software after power outage snarls robotaxis

Telstra used ConnectID impermissibly for months

NSW Housing Development Authority largely cleared on shadow AI use

Researcher discovers RealPlayer ActiveX bug

A security researcher said Monday he has discovered an unpatched ActiveX vulnerability in RealPlayer, the popular media player, and is working on an exploit.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Telstra used ConnectID impermissibly for months

University of Sydney "online IT code library" breached

UK government was hacked in October, minister confirms

NSW Health clinicians "normalise" bypass of cyber security controls

Most popular tech stories

Audit Office of NSW and Data61 explore AI for gov auditing

State of HR Tech

Zara turns to AI to generate fashion imagery

State of HR Tech 2025

Cochlear pilots voice-to-text Salesforce integration for lead management

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

'Touch-free' smartphone controlled with head movements

Home-grown Higgns to bring IoT to the world

Govt launches consumer tech label program for smart devices

IoT Awards: How the OPENAIR project is helping councils monitor air quality

New York to require social media platforms to display mental health warnings

Trump's AI hiring campaign draws interest from 25,000 hopefuls

Waymo to update software after power outage snarls robotaxis

Telstra used ConnectID impermissibly for months

NSW Housing Development Authority largely cleared on shadow AI use

Researcher discovers RealPlayer ActiveX bug

A security researcher said Monday he has discovered an unpatched ActiveX vulnerability in RealPlayer, the popular media player, and is working on an exploit.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Telstra used ConnectID impermissibly for months

University of Sydney "online IT code library" breached

UK government was hacked in October, minister confirms

NSW Health clinicians "normalise" bypass of cyber security controls

Most popular tech stories

Audit Office of NSW and Data61 explore AI for gov auditing

State of HR Tech

Zara turns to AI to generate fashion imagery

State of HR Tech 2025

Cochlear pilots voice-to-text Salesforce integration for lead management

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

'Touch-free' smartphone controlled with head movements

Home-grown Higgns to bring IoT to the world

Govt launches consumer tech label program for smart devices

IoT Awards: How the OPENAIR project is helping councils monitor air quality

Log In