ActiveX Bug Surfaces in RealPlayer Media Player
A noted security researcher at ActiveX revealed, on March 10, 2008, vulnerability in RealNetwork's RealPlayer could be easily exploited by hackers to take control over Windows-loaded systems running Internet Explorer.
Elazar Broad, discovered of other ActiveX type vulnerabilities in Facebook, MySpace and Yahoo applications during January-February 2008, posted his results to the Full Disclosure mailing list that described RealPlayer as faulty, as reported by ComputerWorld on March 11, 2008.
Broad explained that it is possible to adjust heap blocks once they are released and overwrite some of the registers, possibly allowing execution of arbitrary code. He also published a proof-of-concept code for the attack and attempted to derive a feasible exploit.
Secunia, the Danish vulnerability tracker, rated the bug in RealPlayer as "highly critical", the company's second most severe threat ranks. It also pointed out that the flaw in Active X control, "rmoc3260.dll" file is a culprit, that attackers can exploit this bug by getting users to visit compromised or malicious Websites. In addition, Secunia said that the most recent make of RealPlayer 11 is flawed with the possibility that earlier versions are similarly flawed.
Last time in October 2007, when hackers knocked down RealPlayer, exploits introduced another security bug within RealPlayer's ActiveX control. The attacks were so serious that some organizations like a research facility of National Aeronautics and Space Administration (NASA) told their service users to avoid IE.
The flaw, which lies within an ActiveX control, affects only users of IE. ActiveX though enjoys widespread use by Microsoft Corp to enhance its browser's functionality, has been inflicted with a large number of security flaws. According to an Internet security vendor Symantec, 89% of over 230 browser bugs estimated during the first six months of 2007 were ActiveX bugs.
Suggestions from some quarters like the United States Computer Emergency Readiness Team (US-CERT) advise users to deactivate ActiveX controls.
While no patch is ready for the RealPlayer flaw, technically savvy users may edit the Windows registry and adjust the "kill bit" to deal with the faulty ActiveX control. Alternatively, they may switch to other browsers like Opera or Firefox. Security researchers have suggested non-reliance on ActiveX.
» SPAMfighter News - 17-03-2008