RealPlayer Patches Critical Flaws
RealNetworks Inc. has issued patches to fix at least two serious security holes in a number of its RealVideo and RealOne media players. These flaws are especially interesting because they are present in versions of the company's software designed for each major operating system platform, including Windows, Mac and Linux.
According to RealNetworks, the flaws could be used by attackers to install spyware on your machine or to take complete control over it. If you have any version of RealPlayer installed on your machine, you should update to the newest version.
To find out whether you need to update, you first need to figure out which version of Real you are running. To check, fire up RealPlayer and go to the Help Menu, then select "About RealPlayer." Then refer to this link to see if your version is affected.
Unless you see a "no" next to your version number, it's time to upgrade. Lower on the same page are operating-system-specific instructions for updating to the latest, patched version of the software.
Update, 10:25 a.m. ET: It appears that in some cases, users who want to update to the latest version of Real (the one without all the security flaws) must "upgrade," which usually means they must pay for the patches. I've said this before, and I'll say it again -- at the risk of inciting a flame war: requiring people to pay for security patches may be a useful idea from a business perspective, but it's a horrible one from a security standpoint. Companies like Real always claim that there are significant updates to functionality, usability, etc., in addition to security fixes in their "upgrades." Well, super, but I say isssue the security updates separately, not as an enticement to wring money out of your user base, many of whom have already paid for the software once.
For the record, I haven't had any Real products installed on any of my computers for the past three years; during that time I've used and paid for (once) Winamp Pro, which has issued plenty of security updates but never required me to "upgrade" for any of them.
Posted by: Matt | November 11, 2005 11:22 AM | Report abuse
Posted by: Real Player | November 11, 2005 1:14 PM | Report abuse
Posted by: Tesserat | November 11, 2005 1:29 PM | Report abuse
Posted by: Mike | November 11, 2005 1:35 PM | Report abuse
Posted by: Fay | November 11, 2005 2:08 PM | Report abuse
Posted by: Jimbo | November 11, 2005 3:44 PM | Report abuse
Posted by: Grandma Linn | November 11, 2005 5:51 PM | Report abuse
Posted by: Kevin | November 11, 2005 9:15 PM | Report abuse
The comments to this entry are closed.