A new zero-day vulnerability has been discovered in both RealPlayer and RealPlayer 11 beta that can allow remote exploitation of computers running the affected music player software. According to Symantec, the vulnerability is being actively exploited.
The vulnerability affects an ActiveX object called "ierpplug.dll" in RealPlayer and can be exploited simply by using Internet Explorer to browse the Web. "The player does not need to be running," a Symantec blog post explains.
According to The Register, possible workarounds until RealNetworks issues a patch include:
- Set a kill bit in the Windows registry for the ActiveX control's CLSID, FDC7A535-4070-4B92-A0EA-D9994BCC0DC5
- Configure IE to prompt before executing ActiveX scripts
- Configure Outlook and Outlook Express to display e-mail in plain text or to open HTML messages in the restricted sites security zone
- Switch to Firefox or alternative browsers as your primary browser
Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.