Serious zero-day vulnerability threatens RealPlayer users

A new zero-day vulnerability has been discovered in both RealPlayer and RealPlayer 11 beta that can allow a remote exploit on computers running the affected music player software. According to Symantec, the vulnerability is being actively exploited.

The vulnerability affects an ActiveX object called "ierpplug.dll" in RealPlayer and can be exploited simply by using Internet Explorer to browse the Web. "The player does not need to be running," a Symantec blog post explains.

According to The Register, possible workarounds until RealNetworks issues a patch include:

  • Set a kill bit in the Windows registry for the CLSID FDC7A535-4070-4B92-A0EA-D9994BCC0DC5
  • Configure IE to prompt before executing ActiveX scripts
  • Configure Outlook and Outlook Express to display e-mail in plain text or to open HTML messages in the restricted sites security zone
  • Switch to Firefox or alternative browsers as your primary browser
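
The first workaround, applied as a script. This is an added example, not code from the article, The Register or Symantec. The `ActiveX Compatibility` registry path and the `0x400` flag value are not given on the page; they are the standard Internet Explorer kill-bit location and value.

```powershell
# Added example (not from the article). Run from an elevated PowerShell prompt.
$Clsid   = '{FDC7A535-4070-4B92-A0EA-D9994BCC0DC5}'  # CLSID from the workaround list
$KillBit = 0x400   # assumption: standard IE "Compatibility Flags" kill-bit value

# Native registry view, plus the 32-bit view that 32-bit IE reads on 64-bit Windows.
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Set-KillBit {
    param([string]$Root, [string]$Clsid, [int]$Flag)

    $key = Join-Path $Root $Clsid
    if (-not (Test-Path -LiteralPath $key)) {
        New-Item -Path $key -Force | Out-Null
    }
    # Keep any compatibility flags already set and OR the kill bit into them.
    $name = 'Compatibility Flags'
    $existing = (Get-ItemProperty -LiteralPath $key -Name $name -ErrorAction SilentlyContinue).$name
    $value = [int]$existing -bor $Flag
    Set-ItemProperty -LiteralPath $key -Name $name -Value $value -Type DWord

    # Read the value back so the result is verified, not assumed.
    $readBack = (Get-ItemProperty -LiteralPath $key -Name $name).$name
    [pscustomobject]@{
        Key        = $key
        Flags      = '0x{0:X8}' -f $readBack
        KillBitSet = (($readBack -band $Flag) -eq $Flag)
    }
}

foreach ($root in $Roots) {
    # Skip the Wow6432Node view on 32-bit Windows, where it does not exist.
    if (Test-Path -LiteralPath (Split-Path $root -Parent)) {
        Set-KillBit -Root $root -Clsid $Clsid -Flag $KillBit
    }
}
```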

Are you affected by this vulnerability?

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

4 comments
eward

Didn't I read a post on this site one and a half weeks ago that there is no such thing as a "zero-day" vulnerability? Just patched, unpatched and unknown vulnerabilities; and zero-day exploits?

martian

Yes, you did indeed. So did I. Apparently, Paul did not. Maybe he and Chad Perrin ought to get together...

paulmah

Are you affected by this vulnerability?
