A “highly critical” hole in one of the most-used pieces of software in the world means that audio files will be music to hackers’ ears. The ubiquitous WinAmp program – used to play a huge range of media files – can provide someone with system access simply by getting someone to visit a malicious website. It all has to do with how the software loads Fasttracker 2 “.xm” media files.
It is possible to cause a heap overflow and so run code on the person’s system. A “.xm” file is not needed however, as the software runs through all supported files with the same faulty piece of code. This greatly increases the opportunities hackers may have to con someone into clicking a link and so providing them with system access. The flaw affects all WinAmps and so the only advice is to upgrade as soon as possible to the new patched version (5.03) on the company’s website.
|
TechWhack on Facebook
|
This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.