Hi malware fighters,
Not only users of VLC are confronted with an unpatched media player, also users of RealPlayer, Zoom Player, Cool Player are vulnerable. In the case of Zoom Player can attacker can remotely take over the system if the user opens a malicious PLS or ZPL file. All versions are vulnerable, and the developer is hoping to bring out a new beta soon that solves the problem.
CoolPlayer users have to look out for OGG files, an attacker may run random code that way. Users with Total Player can be hacked through malicious M3U playlists.
For RealPlayer 11 a "0day exploit demo" appeared online. The vulnerability has been tested for build 6.0.14.748. As patches are not yet available, users are warned to be careful what you open or scan using DrWeb's online hyperlink scanner plug in.
polonus
