Real Threat for RealPlayer

Warning: If you're a REAL fan of RealPlayer, you could be in REAL trouble.

That's the word coming from security experts iDefense Inc. Apparently, older versions of both RealPlayer and Helix Player are susceptible to a crucial security hole that could allow a hacker entry into a user's PC, whether it was running Windows, a Mac OS, or Linux.

How is this possible?

Evidently, it seems certain versions of the players can be subjected to buffer overflows, which by default could allow unauthorized code to be executed on a user's machine. That's enough to give an attacker control of the PC as a whole.

Here's the kicker. iDefense has known about the issue since last October, but waited until this week to publish details. It could have a few RealPlayer and Helix fans up in arms, although there's no indication that widespread cracks have been made. (Source: pcworld.com)

So, who's most vulnerable?

If you're running 10.5 "Gold" RealPlayer or 1.x versions of the Helix Player, it's time to upgrade your version immediately. iDefense seems convinced that merely updating can prevent a hacker override. (Source: theregister.co.uk)

Although users will surely want to swap out their current versions for something safer, the chance of being hijacked is a bit rare. That's because a hacker would have to convince a user to download a malicious media file from a website before being able to unlock the door to their PC.

Still, better safe than (REAL) sorry.