Last Updated: 2008-03-11 12:23:41 UTC
by Swa Frantzen (Version: 1)
Real player is probably installed on many of your computers, and an exploit for an unpatched vulnerability was made public on the full-disclosure mailing list.
As a result, those using ActiveX capable browsers (read: MSIE) are vulnerable to attack, with no patch on the horizon yet.
- Set killbits for:
rmoc3260.dll version 188.8.131.52
But this will also remove the genuine functionality of the player.
- Use a browser that doesn't support ActiveX (there's plenty of those).
Swa Frantzen -- Gorilla Security