Winamp Skin Exploit in the Wild

CmdrTaco posted more than 10 years ago | from the even-skins-are-dangerous-now dept.

Security 397

An anonymous reader writes "Secunia.com has announced an exploit (derived from xml escaping the Internet zone into IE's local zone) that exploits Winamp's habit of automatically installing skins. Currently all versions of Winamp are affected. Details on the Winamp forums - apparently an exploit is already in the wild, and spreading."


GNAA FIST PSOT (-1)

Anonymous Coward | more than 10 years ago | (#10081472)

Fristage!!

yet another way... (5, Funny)

ryane67 (768994) | more than 10 years ago | (#10081476)

to compromise a system..

Luckily the masses of windows users are content to use windows media player which should slow the spread of this.

Re:yet another way... (4, Insightful)

BoldAC (735721) | more than 10 years ago | (#10081576)

Yet another way?

Seems like the same old crap to me...

You convince some sucker to download and load something that isn't what it says it is. We've reported aim exploits that hide themselves as screensavers recently. [tech-recipes.com]

It's a major security problem when a program blindly executes something. Period.

It's a major security problem when people download untrusted winamp skins on IRC.

What can you do?

Oh No! (-1)

Anonymous Coward | more than 10 years ago | (#10081477)

First Post!

Damn you Britney! (5, Funny)

ZipR (584654) | more than 10 years ago | (#10081478)

I knew that your oh-so-sexy winamp skin would be my downfall.

You are a bunghole (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#10081479)

and so am I.

there will be more bungholes after me.

Mozilla (5, Insightful)

linuxci (3530) | more than 10 years ago | (#10081480)

One of the winamp betas had the option to use the mozilla engine rather than the IE one. Shame they never spent more time on this feature; then they could easily tell people they could fix this exploit by turning off the MS Engine.

Re:Mozilla (4, Informative)

JanusFury (452699) | more than 10 years ago | (#10081518)

Yeah, I remember that option. Funny, it never worked. I'm still not sure if it was Nullsoft's fault, or if moz embedding is just flaky. I can't really think of any apps I have that embed Gecko - it's all pretty much IE these days.

Re:Mozilla (3, Insightful)

linzeal (197905) | more than 10 years ago | (#10081533)

Isn't nullsoft part of AOL, which funded netscape which created most of the mozilla engine?

Using anything from Microsoft's API in this day and age of alternatives is lazy programming, imho.

FP!! (-1)

Anonymous Coward | more than 10 years ago | (#10081482)

FP!

argh (-1)

Narcissa (78274) | more than 10 years ago | (#10081485)

All your Winamp are belong to us.

Can I name the worm?? (4, Funny)

Lux (49200) | more than 10 years ago | (#10081488)

I propose "flensing."

Assistance for the clueless (1, Insightful)

Anonymous Coward | more than 10 years ago | (#10081674)

I'm an idiot--I don't get it. Can anybody help?

Re:Assistance for the clueless (5, Informative)

gwernol (167574) | more than 10 years ago | (#10081750)

I'm an idiot--I don't get it. Can anybody help?

Flensing means to remove the skin [bartleby.com] from something.

hm (-1)

Anonymous Coward | more than 10 years ago | (#10081490)

hmmmm

Damn Britney Spears virus (0)

Anonymous Coward | more than 10 years ago | (#10081491)

Agh, give me viruses that delete my HD ; Give me viruses that break the whole box...

But please God, dont give us forced Britney Spears !

Further evidence that skinning is stupid (5, Funny)

pestie (141370) | more than 10 years ago | (#10081492)

Seems to me I was just bitching about skinning [slashdot.org] and mentioned that security holes were one possible (but unlikely) down-side. I love when the universe makes my point for me.

Re:Further evidence that skinning is stupid (2, Insightful)

jo42 (227475) | more than 10 years ago | (#10081592)


Alas, people like shiny, blinky, glowy things aka bling.

I won't bother saying what I think of 'skinning' on account it would be moderated as a troll or less because most people like shiny, blinky, glowy things aka bling and I don't...

Re:Further evidence that skinning is stupid (1)

name773 (696972) | more than 10 years ago | (#10081704)

which is another great use of anonymous posting :)

Re:Further evidence that skinning is stupid (1, Insightful)

Neon Spiral Injector (21234) | more than 10 years ago | (#10081729)

If I were to like shiny, blinky, glowy things aka bling, which I don't, I'd want my entire UI to be shiny, blinky, glowy things aka bling. I find apps that don't use the default toolkit (in any OS) to really clash with everything else.

Sure MacOS X is pretty, and consistent. It would seem that Apple agrees with me. So why do they make their QuickTime player for Windows so out of place? I like non-destructive configuration options to be auto applied (like GNOME and Mac OS do), but that style of interface is in total contrast with Windows OK, Apply, Cancel system.

I think it was Winamp's fault that all media players now have to have their own skinable widget set. I wish this exploit would do something to stop the madness, but I fear not.

Just another reason (0, Redundant)

bunburyist (664958) | more than 10 years ago | (#10081494)

To use XMMS! XMMS is a wonderful media player. XMMS is a multimedia player for unix systems. XMMS stands for X MultiMedia System and can play media files such as MP3, MOD's, WAV and others with the use of Input plugins. XMMS is mainly targeted at music playback, but through third-party plugins some rudimentary video capabilities exist, but there are much better systems other than XMMS for video support. XMMS will not be vulnerable to this exploit...it is Highly customizable and it has an extensive plugin system. Winamp is (currently) being run by AOL which as we all know is evil and heartless...after what they did to poor rich justin. poor poor justin.

Re:Just another reason (2, Insightful)

happyemoticon (543015) | more than 10 years ago | (#10081611)

Damn dude, I was going to step up and proselytize 'NIX/XMMS, but you beat me to it:) By the same token you could support good ol' Winamp 2, which is basically the same thing. Ooo, winamp 5; look at all the useless, animated, colorful features!

Re:Just another reason (1)

Kethinov (636034) | more than 10 years ago | (#10081681)

Winamp5 added one very important feature that Winamp2 didn't have (that XMMS has had for years); the ability to reformat the playlist display away from Artist - Song Name to whatever you want. (In my case Artist - Album - Track - Song Name)

Re:Just another reason (1)

Kethinov (636034) | more than 10 years ago | (#10081652)

AFAIK XMMS doesn't run in Windows at all.

Re:Just another reason (2, Insightful)

name773 (696972) | more than 10 years ago | (#10081725)

see? more of a fix than you'd first assume :)

Re:Just another reason (1)

datadriven (699893) | more than 10 years ago | (#10081762)

Another reason I'm glad I don't use windows.

Re:Just another reason (0, Redundant)

shawn(at)fsu (447153) | more than 10 years ago | (#10081654)

XMMS has been included in SuSElinux since at least 8.2. It's great, it has the interface of winamp with none of the bloat that I've come to hate from winamp. Check it out

I didn't think this was redundant at all, good thing I browse at -1.

Re:Just another reason (1)

name773 (696972) | more than 10 years ago | (#10081756)

500 dollar reward for tip(s) leading to the arrest of the person(s) who stole my sig.
they went that way ->

Am I the only one... (4, Interesting)

psoriac (81188) | more than 10 years ago | (#10081495)

who unchecks every option in any program I install that begins with "Automatically [check for/download] and install ..."?

Re:Am I the only one... (0)

Anonymous Coward | more than 10 years ago | (#10081557)

Pretty much, yes.

use firefox (-1)

ClickWir (166927) | more than 10 years ago | (#10081496)

So I'd have to be using IE in the first place, right?

Well there appears to be a patch out already. http://www.mozilla.org/products/firefox/download.html?http%3A//ftp.mozilla.org/pub/mozilla.org/firefox/releases/0.9.3/FirefoxSetup-0.9.3.exe

Macs (0, Flamebait)

AKAImBatman (238306) | more than 10 years ago | (#10081497)

Makes me glad I use iTunes on a Mac. At least Apple doesn't decide *for me* that I NEED an insecure web browser in EVERY APPLICATION on the operating system.

The fact that OS X has not yet had one critical exploit speaks for itself. (And yes, OS 7-8 *did* have quite a few exploits and viruses.)

Re:Macs (0, Flamebait)

black mariah (654971) | more than 10 years ago | (#10081577)

The Winamp programmers made a choice to use the IE shit, moron. If you're going to flame, at least be somewhat intelligent about it.

Re:Macs (1)

AKAImBatman (238306) | more than 10 years ago | (#10081689)

No, they used system services available to them, instead of choosing a third party solution like the rest of the world does. Why did they do that? Because Windows integrates a web browser!

Re:Macs (1)

Kethinov (636034) | more than 10 years ago | (#10081727)

They integrate a shitty web browser. No programmer in their right mind would make use of this "available system service".

Re:Macs (1)

AKAImBatman (238306) | more than 10 years ago | (#10081587)

That should be OS 7-9. I've really got to start proof reading.

Re:Macs (1)

EulerX07 (314098) | more than 10 years ago | (#10081616)

You also have to start knowing what you're talking about.

Re:Macs (2)

Egekrusher2K (610429) | more than 10 years ago | (#10081607)

http://secunia.com/advisories/11622/ Yes it has, wannabe nerd. Don't talk the crap unless you can back it up.

Re:Macs (1)

AKAImBatman (238306) | more than 10 years ago | (#10081661)

RTFA. It requires Internet Explorer 5.2. That's not the default browser on Mac OS X.

Re:Macs (0)

Anonymous Coward | more than 10 years ago | (#10081755)

you mean that article that says:
This has been confirmed on Macintosh OS X using Safari 1.2.1 (v125.1) and Internet Explorer 5.2. Other browsers and applications supporting URI handlers may also be used as attack vectors.

so, what is the default browser on a Mac these days?

i see Safari in TFA

Re:Macs (1)

Egekrusher2K (610429) | more than 10 years ago | (#10081760)

I didn't say it was common. He said they don't exist. I was merely proving him wrong.

Simple solutions (5, Informative)

JLSigman (699615) | more than 10 years ago | (#10081498)

Don't get your skins from anyone but WinAMP.

OR

Don't use skins at all.

Re:Simple solutions (3, Informative)

fulana_lover (652004) | more than 10 years ago | (#10081553)

the article mentioned specifically the problem is that wsz skins are able to escape IE's security policies and run as local computers when sent as XML files, so a malicious website (or HTML email, message board posting, etc) could automatically run the exploit without even your knowledge... time to uninstall winamp...

Re:Simple solutions (1)

MalaclypseTheYounger (726934) | more than 10 years ago | (#10081563)

OR use iTunes. As a non-mac user and all-around Macintosh-detester, iTunes is pretty damned slick.

No issues with it so far, and it handles my 2000+ MP3 database with ease. (Last time I used WinAmp... in the great words of Jon Stewart... eh, not so great-- very choppy).

Re:Simple solutions (1)

linzeal (197905) | more than 10 years ago | (#10081566)

This could be hidden in a page that is completely unrelated to winamp or skinning and it would still work.

Re:Simple solutions (0)

Anonymous Coward | more than 10 years ago | (#10081695)

From a quick review of the winamp forum, installing a skin isn't how it's propagated.

It gets winamp to run executable code embedded in the skin.xml file, but the whole thing is an exploit of your browser and mime types.

That is, you think you're going to see a jpeg, your browser sees javascript that forwards it to a php page that sends a winamp file.

Your browser sees it's a winamp file, sends it to winamp, who then runs the code.

If you use winamp and your browser's set to open winamp-associated stuff, you're at risk it looks like.

Re:Simple solutions (5, Informative)

_Sprocket_ (42527) | more than 10 years ago | (#10081741)



Don't get your skins from anyone but WinAMP.


That would be fine advice if the victims knew they were downloading a Winamp skin. The link, however, looks like it is an image file:
http://socold.de/stuff/schnappi_death.jpg <----- LOOOOOOOOOOOOOOOOOOOOL
Going clicky-clicky (or otherwise following the link) executed a PHP script which would serve up a winamp skin. Since many users have their browsers automagically handle Winamp skins, it would immediately get handed off to Winamp to execute. The skin linked to several files that eventually called an executable within the skin package which in turn loaded one's mIRC client with a script that spat out the above message.

The victims probably didn't know what hit them.
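A defensive sketch of the check this comment implies, added here as an example and not part of the thread or of Winamp: before a download is handed to the player, compare what the link claimed with what the bytes are, and look inside the skin archive for executables. It assumes skins are ZIP archives carrying a skin.xml, as the thread describes; the function names, extension lists, URLs and sample bytes are constructed for illustration.

```python
import io
import posixpath
import zipfile
from urllib.parse import urlparse

IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".bmp"}
# Extensions treated as runnable on Windows (an assumed, non-exhaustive list).
EXEC_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".hta"}
ZIP_MAGIC = b"PK\x03\x04"   # local file header of a non-empty ZIP
PE_MAGIC = b"MZ"            # DOS/PE executable header


def _ext(name):
    return posixpath.splitext(name)[1].lower()


def inspect_download(url, body):
    """Report how a downloaded body relates to what its link claimed to be."""
    report = {"disguised": False, "is_skin": False, "executables": []}
    if not body.startswith(ZIP_MAGIC):
        return report                      # not an archive, nothing to unpack
    # The link promised an image but the server sent an archive.
    report["disguised"] = _ext(urlparse(url).path) in IMAGE_EXTS
    try:
        archive = zipfile.ZipFile(io.BytesIO(body))
    except zipfile.BadZipFile:
        report["executables"].append("<unreadable archive>")
        return report
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            if posixpath.basename(info.filename).lower() == "skin.xml":
                report["is_skin"] = True
            with archive.open(info) as member:
                head = member.read(2)
            # Flag by content first, so a renamed executable is still caught.
            if head == PE_MAGIC or _ext(info.filename) in EXEC_EXTS:
                report["executables"].append(info.filename)
    return report


def should_block(report):
    """Refuse hand-off to the player for disguised or executable-bearing skins."""
    return report["disguised"] or bool(report["executables"])


def build_archive(members):
    """Build a ZIP in memory from {name: bytes} (used for constructed samples)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed samples: inert bytes, not taken from the incident.
SUSPECT = build_archive({
    "skin.xml": b"<constructed-skin/>",
    "images/bg.png": b"\x89PNG\r\n\x1a\n",
    "images/cover.dat": b"MZ" + b"\x00" * 62,   # executable header, odd extension
})
PLAIN_SKIN = build_archive({
    "skin.xml": b"<constructed-skin/>",
    "images/bg.png": b"\x89PNG\r\n\x1a\n",
})
REAL_JPEG = b"\xff\xd8\xff\xe0" + b"\x00" * 16

if __name__ == "__main__":
    for label, url, body in [
        ("image link, skin body", "http://example.invalid/funny.jpg", SUSPECT),
        ("skin link, plain skin", "http://example.invalid/theme.wal", PLAIN_SKIN),
        ("image link, image body", "http://example.invalid/cat.jpg", REAL_JPEG),
    ]:
        report = inspect_download(url, body)
        print(label, report, "BLOCK" if should_block(report) else "allow")
```

The content check runs on the first bytes of each member, so an executable stored under a harmless-looking name inside the skin is still reported.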

As long as... (3, Funny)

Anonymous Coward | more than 10 years ago | (#10081499)

Just as long as the exploit isn't used to install SP2 we're all safe.

Easy fix (0)

shams42 (562402) | more than 10 years ago | (#10081504)

It seems that this is easy to fix for now by simply configuring your firewall to not allow Winamp to access the network.

Re:Easy fix (2, Insightful)

Robotech_Master (14247) | more than 10 years ago | (#10081565)

Of course, then you can't listen to Internet radio [shoutcast.com] ...

Re:Easy fix (1)

MyDixieWrecked (548719) | more than 10 years ago | (#10081594)

It seems that this is easy to fix for now by simply configuring your firewall to not allow Winamp to access the network.


but um... what about listening to internet radio stations? how about when you use it to sample music online? a lot of those online music sites (mp3.com for example) have a .m3u file to preview the songs in winamp.

All versions are affected? (4, Informative)

httpamphibio.us (579491) | more than 10 years ago | (#10081505)

The Secunia.com link [secunia.com] in the profile says that only Winamp 3.x and 5.x. But doesn't mention 2.x... the vast majority of Winamp users I know don't use 3.x or 5.x due to the massive feature bloat.

Is 2.x actually susceptible or is the submitter incorrect?

Re:All versions are affected? (5, Informative)

Will Fisher (731585) | more than 10 years ago | (#10081578)

Winamp 2 is NOT affected. Winamp 5 Lite is also NOT affected.

If you unchecked "Modern Skin Support" in the installer you are also NOT affected.

You can even remove Modern Skin Support just by renaming Program Files\Winamp\Plugins\gen_ff.dll to gen_ff.dll.old. This will remove the exploit.

If you fix this way, you will only be able to use classic skins.

Re:All versions are affected? (0)

Anonymous Coward | more than 10 years ago | (#10081598)

Version 5 does not have a massive feature bloat: it has elements of 3 without the bloat of 3.

Re:All versions are affected? (5, Informative)

lotsofno (733224) | more than 10 years ago | (#10081631)

.
What many people don't realize is that Winamp 5 IS Winamp 2 (Check out this this article [winamp.com] .). It's the same code, but with extra plug-ins bundled in. The user can choose which plug-ins or features he wants to include or not include when installing. So I'm not sure how you could call the application bloated when the app installs only what the user feels he or she needs.

exploited like a linux-using schoolgirl (-1, Troll)

Anonymous Coward | more than 10 years ago | (#10081513)

Does this affect linux faggots too? I'd imagine not. I'm glad I'm using Windows Media Player. They should call this worm.winamp.linuxfaggot.

fix? (0)

Anonymous Coward | more than 10 years ago | (#10081523)

So what's the fix?
(Beside removing winamp)

All Versions? (4, Informative)

(54)T-Dub (642521) | more than 10 years ago | (#10081524)

I know that a lot of us "old school" winamp users still use the classic winamp lite v2.81 [plug] A much lighter version of the software[/plug]. The article states that it affects:
  • WinAMP 3.x
  • Winamp 5.x

Winamp 2.81 Rules! (0)

Anonymous Coward | more than 10 years ago | (#10081619)

They haven't added anything good to any new version of WinAmp since 2.81 - I used to run 2.81 on my P133 and it was great. Try running the new versions of winamp on a P133, and all of a sudden your computer isn't fast enough.

Re:All Versions? (1)

jdrake (148812) | more than 10 years ago | (#10081732)

yup, 3.x+ is just broken, I love my 2.xx I'll never change!

thank you, that is all.

Are you from a swing state? (-1, Offtopic)

l4m3z0r (799504) | more than 10 years ago | (#10081526)

If you are would you be interested in trading votes with me? I'll trade one vote in Connecticut for one vote in any of the swing states. Here's how it works, you vote for who I want and I vote for who you want. Here's a list of the swing states and their corresponding electoral value:

Arizona -- 10
Arkansas -- 6
Colorado -- 9
Florida -- 27
Iowa -- 7
Louisiana -- 9
Maine -- 4
Michigan -- 17
Minnesota -- 10
Missouri -- 11
Nevada -- 5
New Hampshire -- 4
New Mexico -- 5
Ohio -- 20
Oregon -- 7
Pennsylvania -- 21
Tennessee -- 11
Virginia -- 13
Washington -- 11
West Virginia -- 5
Wisconsin -- 10

My preference would be Florida, Ohio, or Pennsylvania.

Re:Are you from a swing state? (0)

Anonymous Coward | more than 10 years ago | (#10081569)

Heres how it works, you vote for who I want and I vote for who you want

Aah, but I'll want some proof you voted for who I wanted. So, be sure to keep your proof receipt from the Diebold machine!

No wait...

Re:Are you from a swing state? (0)

Anonymous Coward | more than 10 years ago | (#10081573)

I sympathize with your cause, but I don't think my casting a vote for Kodos for you is really going to affect the election all that much, sorry.

Re:Are you from a swing state? (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#10081600)

i live in ohio

i hate skins (2, Interesting)

avandesande (143899) | more than 10 years ago | (#10081529)

am i the only person that finds ever changing interfaces an annoyance??

Re:i hate skins (1)

t_allardyce (48447) | more than 10 years ago | (#10081610)

no you're not.

Re:i hate skins (0)

Anonymous Coward | more than 10 years ago | (#10081624)

Skins aren't for interfaces, rather they are eye candy for the desktop. The keyboard is all the interface I need.

Re:i hate skins (1)

Rosco P. Coltrane (209368) | more than 10 years ago | (#10081636)

am i the only person that finds ever changing interfaces an annoyance??

Apparently not. [slashdot.org]

Yes (0)

Anonymous Coward | more than 10 years ago | (#10081647)

Yes you are

Re:i hate skins (0)

Anonymous Coward | more than 10 years ago | (#10081712)

am i the only person that finds ever changing interfaces an annoyance??
I'm guessing you're still using the default desktop wallpaper?

Re:i hate skins (1)

avandesande (143899) | more than 10 years ago | (#10081745)

yeah and classic interface
no transitions
etc etc

Re:i hate skins (0)

Anonymous Coward | more than 10 years ago | (#10081749)

you are not alone

Redmond school of engineering (4, Interesting)

Rosco P. Coltrane (209368) | more than 10 years ago | (#10081534)

Program skins with "browser tags" and "embedded xml"? sheesh, what next, word processor documents that have executable code inside? </sarcasm>

Does anyone still use winamp? (0)

Anonymous Coward | more than 10 years ago | (#10081537)

With all the malware packed into the current versions, I thought everyone had jumped ship or stopped upgrading at 1.x long ago.

2.91 (0)

Anonymous Coward | more than 10 years ago | (#10081538)

The good old 2.91 is not affected though AFAIK.

Fixes... (5, Informative)

xdeadbeef (218700) | more than 10 years ago | (#10081543)

  • Use Firefox as your default browser (which won't auto-launch skins), or...
  • don't install modern skin support in winamp (or delete plugins\gen_ff.dll if you already are installed), or...
  • get winamp 5.05 when it comes out in a day or two.

Re:Fixes... (5, Insightful)

Thrymm (662097) | more than 10 years ago | (#10081660)

Amen! I use it to play music, I dont look at the damn thing. I know some people love skins, for me I dont need it, just need to hear the music not see the colors!

Re:Fixes... (3, Informative)

Egekrusher2K (610429) | more than 10 years ago | (#10081710)

According to the Winamp forums, the default Firefox configuration is just as susceptible to this exploit as IE is. You can change your settings in either browser so that it is not affected by your exploit.

Fortunately, I use Mozilla. :)

Winamp Unlimited Has The Full Report (5, Informative)

lotsofno (733224) | more than 10 years ago | (#10081545)

.

Winamp Unlimited [winampunlimited.com] has a friendly summary on how the worm infects the user, as well as steps one can take to avoid being infected.

This is also worth noting: "The Nullsoft team have already implemented a patch for this exploit, which will be included in a very-near future release 5.04a or 5.05. This next version is already in its third beta stage, and will include several other unrelated changes/fixes."

Nyah Nyah, I'm immune... (0, Troll)

praedictus (61731) | more than 10 years ago | (#10081552)

...Coz I use XMMS for my MP3 and FLAC goodness. Mind you it is supposed to be able to use WinAmp skins...

This is absolutely nothing to worry about... (0, Offtopic)

Rahga (13479) | more than 10 years ago | (#10081556)

Since XP Service Pack 2 came out, it's not like any of those Windows machines can connect to the internet anyway....

Just use windows media player. (0, Offtopic)

Anonymous Coward | more than 10 years ago | (#10081567)

Windows Media Play works fine.

Seriously, Microsoft Office and Internet Explorer seem to work just fine for me.

Plus, they all work on my Mac :)

Re:Just use windows media player. (1, Redundant)

name773 (696972) | more than 10 years ago | (#10081642)

isn't that blasphemy or something?

Just another reason to use iTunes, I guess (0, Troll)

Robotech_Master (14247) | more than 10 years ago | (#10081604)

I used to be a big fan of Winamp...but then I switched to iTunes and never looked back. Guess that's a good thing.

Re:Just another reason to use iTunes, I guess (3, Funny)

Anonymous Coward | more than 10 years ago | (#10081662)

I used to be a big fan of Winamp...but then I switched to iTunes and never looked back. Guess that's a good thing.
Good thing you never looked back. We're all pointing and laughing at you.

Crazy (0, Redundant)

ddod (808590) | more than 10 years ago | (#10081614)

Just one more reason why I have ceased to use internet explorer for just about anything. Firefox all the way!!

It's no hoax [65.75.157.200] . I normally don't go for these things but...Free ipods rock [freeipods.com]

w00t (-1, Flamebait)

coffin_birth (808593) | more than 10 years ago | (#10081615)

blah! i knew winamp was evil. everyone says WMP sucks. dih98hr98hjrekr figures though, a backdoor right in everyones face :P

Skin(ny) dipping? (0, Flamebait)

davidsyes (765062) | more than 10 years ago | (#10081620)

If WinAmp doesn't release or realize a worthy fix, they could be dipping their skin in an arcing, amping, electric fryer if the exploits get out of control.

(Hmm, fixes, amping, arcing...)

Skinning is Worth It (5, Funny)

Anonymous Coward | more than 10 years ago | (#10081635)

Having to periodically wipe your system and reinstall from backups is a small price to pay for the ability to have your apps look like real equipment.

I mean, WinAmp can actually look like different kinds of real CD players! Can you believe that? It can look like all sorts of things; it doesn't have to look like a rectangular window at all. That just rocks! You can even change the way it looks at runtime! You can download whole new looks! Man, that is too cool.

Kudos to those guys. This is the kind of thing that really makes computing fun.

Fixed in betas! (2, Informative)

oliverjms (548028) | more than 10 years ago | (#10081657)

Check out www.winampunlimited.com [winampunlimited.com] for more details

things to say (3, Insightful)

XO (250276) | more than 10 years ago | (#10081663)

Just to comment on all the first 11 posts I see here:

(1) I've not used WinAmp in many years [like i've not used Windows in many years], but when secunia says the advised course of action is "use another product", i'm guessing that that probably means this feature can not be disabled, or at least not easily? or if it can be, then its disabling can also be circumvented?

(2) Absolutely right, having a component of the system that is active to ALL programs, whether it wants it or not, is inviting the most bizarre of security holes. Of course, the WinAmp people probably should come up with a better, more secure transport method for getting their skins around, but it's not really their fault that IE is a pile of crap security wise.

(3) what kinda genius would figure out that you could embed an xml file, with instructions to run a specific executable file, within a zipped skin file, and then manage to trigger a security hole in a web-browser module that really shouldn't have a damn thing to do involved with the program that you're sending this virus through? The people who are BREAKING the security I figure have got to be infinitely more intelligent than the people who are CREATING the security.. or at least a whole hell of a lot more creative..

i really can't imagine that anyone could be thinking, when they write a program like this, "oh, what if someone tries to take advantage of such and such known security flaw in this way through our program, even though they don't have jack and shit to do with each other?" ..

obviously, you're going to try to cover in advance for security things, but who could predict an attack in such a convoluted fashion?

Skinny Dipping (2, Insightful)

t_allardyce (48447) | more than 10 years ago | (#10081676)

Is there any way to actually uninstall IE or at least make it absolutely not the default browser and ban its execution or engine use by all other programs and perhaps replace that engine with something else? Considering that was part of a big law-suit surely there's a way? In fact i need IE installed for website testing so the second option would be best.. all i can think of is setting the permissions of the engine dll and IE executables but replacing it would be nice too..

Or you could use... (1)

Morpheuso (762437) | more than 10 years ago | (#10081677)

XMMS instead. It is compatible with Winamp skins and is Open Source. Hurrah!

http://www.xmms.org/ [xmms.org]

Same skin for... (1)

Moonlapse (802617) | more than 10 years ago | (#10081721)

I've been using the same skin on Winamp 2.8 for years(plug for 'Silence' skin). Maybe that's because its part of my disk image I always wind up going back to.....

School must've just gotten out. (-1, Flamebait)

TaintedPastry (790856) | more than 10 years ago | (#10081733)

I notice the average vocabularical IQ drops about 50 points once 3pm EST hits.

Anyways, not surprising that this is a problem. HOWEVER, again a training issue. MOST media players with high levels of functionality (WinAmp, WMP, Real, etc. etc.) have some form of Spyware built right in as it is. (Used, of course, primarily or exclusively by the author/Company). Most of which also give you the option to turn it off.

But as with most semi-malicious/privacy breaking code, it was probably done quickly and sloppily, leaving lots of little holes open for those who have nothing better to do than browse porn and write viruses.

XMMS rocks! (-1, Flamebait)

Coolmoe (416032) | more than 10 years ago | (#10081747)

I have no problems skinning my player. Could it be the platform it runs on perhaps.

Screw it it's only Karma!

I know it's flamebait but it's a bonus of learning something new. Linux is the best A/V

Expect these to grow more common... (5, Interesting)

hanssprudel (323035) | more than 10 years ago | (#10081748)


Now that people have started to use firewalls, and the risk of worms and rootkits that infect through open, exploitable, holes grows smaller, it is time to expect more and more exploits to follow alternative vectors.

Note how many buffer-overflow exploits there have been in server daemons. Well, there is no reason to believe that servers are any worse written with regards to input than client applications - quite the contrary actually.

People think they are safe with a firewall. But I'm willing to bet there are undiscovered exploits in just about every application they run. WinZip? WinAMP? Acrobat Reader? Media player? Anything that handles files received over the Internet is potentially a vector for viruses and possibly worms.

This time it was bad escaping, which made the exploit trivial, but there a buffer overflow would have served just as well. Neither firewalls nor anti-virus software will protect you.

Solution: use another product. (1)

farlcow (671869) | more than 10 years ago | (#10081765)

Patient: "Doc, it hurts when I do this" Doctor: "Then don't do that"

Summary of article summary (1, Redundant)

MobyDisk (75490) | more than 10 years ago | (#10081768)

Yet another unwanted, unnecessary feature involving Internet Explorer embedded into a program that doesn't need it has a remote exploit. To mitigate this problem, disable active anything, automatic anything, and ActiveX anything. That is all.