Already posted here
http://www.techenclave.com/forums/342563-post4.html
_____________________________________
Winamp has published a security update to fix a critical vulnerability in its media player.
The move came after a security researcher known only as "Kozan" discovered a flaw in Winamp 5.12 that could be exploited to compromise users' systems. Proof of concept code was published on Sunday.
Attackers could exploit the flaw through a specially crafted playlist file. When the file is opened, the flaw causes a buffer overflow, allowing remote hackers to launch applications and take control of compromised systems.
The vulnerability effectively allows the attacker to turn the computer into a zombie system or steal data from the system's hard drive.
Security firm Secunia Latest News about Secunia gave the flaw its most severe security rating of "extremely critical."
The free Winamp media player is owned by AOL, and the vulnerability has been confirmed only for version 5.12.
Users launching the application will automatically be prompted to update to version 5.13, an AOL spokesperson said. Alternatively, they can download the updated application from the Winamp Web site.
Source: TechNewsWorld.com
http://www.techenclave.com/forums/342563-post4.html
_____________________________________
Winamp has published a security update to fix a critical vulnerability in its media player.
The move came after a security researcher known only as "Kozan" discovered a flaw in Winamp 5.12 that could be exploited to compromise users' systems. Proof of concept code was published on Sunday.
Attackers could exploit the flaw through a specially crafted playlist file. When the file is opened, the flaw causes a buffer overflow, allowing remote hackers to launch applications and take control of compromised systems.
The vulnerability effectively allows the attacker to turn the computer into a zombie system or steal data from the system's hard drive.
Security firm Secunia Latest News about Secunia gave the flaw its most severe security rating of "extremely critical."
The free Winamp media player is owned by AOL, and the vulnerability has been confirmed only for version 5.12.
Users launching the application will automatically be prompted to update to version 5.13, an AOL spokesperson said. Alternatively, they can download the updated application from the Winamp Web site.
Source: TechNewsWorld.com