EEye Digital Security has uncovered new security holes affecting a wide range of RealNetworks' media players, the latest desktop-based bugs set to worry IT managers. The flaws could be exploited via a malicious Web page or a RealMedia file run from a local drive to take over a user's system or delete files, according to RealNetworks.
Researchers have turned up a myriad of serious security flaws in client software over the past few weeks, and such bugs can be difficult to patch because of the sheer number of desktops in use. Recently vulnerabilities have been revealed in WinAmp, WinZip, and Apple Computer's IChat messaging program. A vulnerability in the way Windows software decodes jpeg images has already been exploited by specially crafted pictures.
News source: PCWorld.com