Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

RealPlayer Zero-Day Flaw Under Attack

Zonk posted more than 6 years ago | from the my-kingdom-for-a-patch dept.

Security 150

openOption writes "ZDNet is reporting that hackers are actively exploiting a zero-day hole in RealNetworks' RealPlayer media player, a software program installed on tens of millions of Windows computers worldwide. The in-the-wild attacks targets a previously unknown and unpatched ActiveX vulnerability in the way RealPlayer interacts with Microsoft's Internet Explorer browser. The flaw is causing drive-by malware downloads when an IE user simply browsers to a maliciously rigged Web page."

cancel ×

150 comments

Sorry! There are no comments related to the filter you selected.

Installed by millions... (5, Funny)

Anonymous Coward | more than 6 years ago | (#21048545)

Used by no one... until now.

Re:Installed by millions... (0)

Anonymous Coward | more than 6 years ago | (#21049223)

I was just wondering why every exploit found is now called zero day.... What the heck does that even mean? Zero days? How can there be zero days? If one-day is Tuesday, Sunday or whatever, what is zero-day? An exploit that has no place in time or space??

Re:Installed by millions... (3, Informative)

VagaStorm (691999) | more than 6 years ago | (#21049625)

From Wikipedia:

A zero-day (or zero-hour) attack is a computer threat that exposes undisclosed or unpatched computer application vulnerabilities. Zero-day attacks take advantage of computer security holes for which no solution is currently available.

I suppose, it's a buffering ... (5, Funny)

Anonymous Coward | more than 6 years ago | (#21049607)

overflow exploit, right?

Re:Installed by millions... (2, Insightful)

Sillygates (967271) | more than 6 years ago | (#21049759)

This wouldn't be a problem if companies like Dell(?) didn't preinstall RealPlayer on computers.

Re:Installed by millions... (1)

Zymergy (803632) | more than 6 years ago | (#21051077)

That is why we have the PC Decrapifier: http://www.pcdecrapifier.com/ [pcdecrapifier.com]

Re:Installed by millions... (1)

conlaw (983784) | more than 6 years ago | (#21051293)

Thanks for the link. I'll probably have to set up a Windows box for my niece before she starts high school and it sure would be great not to have to go remove all the crap by hand.

Re:Installed by millions... (1)

sh3l1 (981741) | more than 6 years ago | (#21052157)

Why do you have to install this? Wouldn't this be more crap on your computer?

Re:Installed by millions... (1)

Zymergy (803632) | more than 6 years ago | (#21052437)

It is a batch uninstaller that saves you lots of TIME as it uninstalls the CrapWare/TrialWare factory installed on so many OEM PCs in one operation and reboot.
And you don't need to uninstall it as it is merely a free standing executable application (and it even offers to create an XP/Vista restore point if you want/need to undo changes).

I do correct myself in pointing out that I was in error when I ~assumed~ that the PC Decrapifier uninstalled "RealPlayer", I feel it should be on the list of detected crap to be removed but it appears to not be on the current list...

Re:Installed by millions... (1)

Huwawa (923056) | more than 6 years ago | (#21050005)

Mplayer ftw.

Good thing I don't use Real (2, Funny)

Anonymous Coward | more than 6 years ago | (#21048547)

Greased up Yoda doll
Puckered anus
GO LINUX!

Re:Good thing I don't use Real (0)

Anonymous Coward | more than 6 years ago | (#21049143)

That was enlightening, thank you. I have just poured hot grits down my pants.

Re:Good thing I don't use Real (0)

Anonymous Coward | more than 6 years ago | (#21050273)

I haven't seen an anally inserted greased Yoda doll troll in *years*! Kudos to you, anonymous troll, for keeping the old /. traditions alive.

SOFTWARE PROGRAM!!!11111```oneone (5, Funny)

Anonymous Coward | more than 6 years ago | (#21048551)


a software program

I like software programs. They run well on my computer PC and look nice on my display monitor. My computer PC works well, all the way from the electric power cable to the Ethernet network card, the hard disk hard drive, and my wireless keyboard keyboard and mouse mouse.

(What are synonyms for keyboard and mouse?)

Re:SOFTWARE PROGRAM!!!11111```oneone (0)

Anonymous Coward | more than 6 years ago | (#21048643)

Even though regardless quoted parent's reply post is flamebt troll also and troll flamebait in its nature, it's good satire satire.

Re:SOFTWARE PROGRAM!!!11111```oneone (1)

calebt3 (1098475) | more than 6 years ago | (#21048767)

You mean sarcastic satire.

Re:SOFTWARE PROGRAM!!!11111```oneone (1)

Penguinshit (591885) | more than 6 years ago | (#21048661)

HID

Oh, relax.... (4, Funny)

Foerstner (931398) | more than 6 years ago | (#21049813)

You seem to be inexplicably tense. Perhaps you should relax for a while and watch a television program.

Or go to the theater, and watch a play. If you have any trouble understanding it, you might find more in the program they give you. Hold on to it, they're collectible.

Whatever you do, though, don't rely on alcohol to relieve your anxiety. If you become dependant on it, you may need a twelve-step program to get yourself back on track.

Re:Oh, relax.... (2, Insightful)

Oktober Sunset (838224) | more than 6 years ago | (#21050033)

All those use of 'program' are incorrect, they should all have been 'programme'.

You fail at both language and making a point.

Re:Oh, relax.... (1)

lostguru (987112) | more than 6 years ago | (#21050517)

um not according to my dictionary, perhaps you should try speaking american?

Re:Oh, relax.... (2, Interesting)

Antique Geekmeister (740220) | more than 6 years ago | (#21050767)

No, he failed at being British. In the US, it's spelled "program".

Re:Oh, relax.... (1)

adona1 (1078711) | more than 6 years ago | (#21051965)

And in Australia, it's spelled "pogram" [wikipedia.org] :)

Re:SOFTWARE PROGRAM!!!11111```oneone (1)

Curmudgeonlyoldbloke (850482) | more than 6 years ago | (#21050247)

a software program
As opposed to a hardware program used by something like a Jacquard loom, presumably....

Re:SOFTWARE PROGRAM!!!11111```oneone (1)

jcuervo (715139) | more than 6 years ago | (#21051255)

"Alphanumeric keyboard" and "computer mouse"?

Re:SOFTWARE PROGRAM!!!11111```oneone (2, Insightful)

lenroc (632180) | more than 6 years ago | (#21051973)

"Alphanumeric keyboard" and "computer mouse"?

Looks like someone confused verbosity with redundancy

Re:SOFTWARE PROGRAM!!!11111```oneone (1)

rlbond86 (874974) | more than 6 years ago | (#21052087)

Hey, electric power is not redundant. There are other types of power as well. /is an electrical engineer

Re:SOFTWARE PROGRAM!!!11111```oneone (0)

Anonymous Coward | more than 6 years ago | (#21052579)

mouse pointer

and maybe keyboard terminal?

you're welcome

Whew! (3, Interesting)

dedazo (737510) | more than 6 years ago | (#21048557)

God, I'm so glad I bought a computer with Windows XPN, which thanks to the wisdom of the European Union and RealNetworks' claims of unfair competition against their cuasi-malware player, does not include Windows Media Player! Yes, instead the OEM installed... oh, wait. They installed RealPlayer. Holy sh #$!@&*^} NO CARRIER

Re:Whew! (1)

athdemo (1153305) | more than 6 years ago | (#21048699)

Just don't use the internet, you'll be fine. Wait, nevermind, RealPlayer? You'll never be fine.

Hackers are the least of their troubles... (2, Funny)

Ecuador (740021) | more than 6 years ago | (#21048591)

I don't want to be a troll, but people who install Real Player are asking for trouble.
Wow, I just had a scary thought I managed to block just in time before passing out: Real Player. On Vista.

Re:Hackers are the least of their troubles... (1)

athdemo (1153305) | more than 6 years ago | (#21048631)

I swear I haven't seen or heard from RealPlayer in like 5 years, it's still around? And people install it?

Re:Hackers are the least of their troubles... (1)

Jugalator (259273) | more than 6 years ago | (#21048789)

For some reason, it can still be popular on various news sites and so on, so yes, people hence use it. I guess Real simply give them some irresistible deals, because surely they aren't stupid enough to willingly use that format? I can admit that the most modern Real formats are pretty good, but the standalone player and all that isn't.

Re:Hackers are the least of their troubles... (0)

clsours (1089711) | more than 6 years ago | (#21048971)

Im not sure why, but on many news/radio sites the real media stream is better quality than the windows or mp3 streams. I would suppose that the quality per bandwidth would be the same, but Im not sure. Maybe I just have cheap speakers.
From TFA By instantiating the object and invoking a specific method and attacker is able to corrupt process memory and execute arbitrary code with the privileges of the browser..
Seems simple, just assign the browser ring 3 security. Oh wait, its Windows (and the user is Administrator with no password).

Re:Hackers are the least of their troubles... (3, Informative)

egypt_jimbob (889197) | more than 6 years ago | (#21051261)

Seems simple, just assign the browser ring 3 security. Oh wait, its Windows (and the user is Administrator with no password).
A spammer can still send spam from ring 3. A botnet herder can still run a bot from ring 3. A phisher can still change proxy settings from ring 3.
Ring 0 only adds stealth to attacks that work just fine from ring 3.

Re:Hackers are the least of their troubles... (3, Interesting)

Angostura (703910) | more than 6 years ago | (#21049717)

I can't speak about the windows version, but the OS X implementation of the free player is actually very nice to use indeed: fast and lightweight. It's the format I choose for listening to and watching BBC streaming feeds.

Re:Hackers are the least of their troubles... (1)

networkassault (1176303) | more than 6 years ago | (#21050193)

It's also easy to uninstall. Just drag it to the trash (along with all other files that comes up when you run a spotlight search for realplayer), then just hit Command, Shift, Delete. Then again, I uninstalled IE from Windows 95 machine. Anything is easy to uninstall after that.

Re:Hackers are the least of their troubles... (1)

Buran (150348) | more than 6 years ago | (#21051897)

Good luck installing the file manager. Yeah, that'll get you real far. It'd be like yanking the Finder out of my Mac (which has not and never will have a problem with this flaw...)

Re:Hackers are the least of their troubles... (1)

Buran (150348) | more than 6 years ago | (#21051907)

I mean, UNinstalling. Hello, this is 2007 and there's no edit button? And what's with this lame "to give everyone a chance to post" bullshit? It's 2007, computers can handle more than one simultaneous query.

Re:Hackers are the least of their troubles... (1)

mindbooger (650932) | more than 6 years ago | (#21048929)

Eh, it's more open (with the Helix stuff?) and more multiplatform than Microsoft's alternatives (is even Mplayer with binary codecs able to play DRM'd WMVs? And even their new Silverlight, despite allegedly for Mac and Windows, is OSX x86-only -- there's a buttload of still-useful PowerPC machines still out here).

And with most sites I've seen that offer streaming content, those are my two choices -- Real or DRM'd MS (if I'm even lucky enough to have a choice of something non-MS!). Or Flash. Ooh, yeah, that's much bet....ter.

So yeah, Real is the (much) lesser of those three evils. The player isn't even all that bad on MacOS -- I never saw the bloatware Windows version everyone rips them for, so I don't know how bad it was. It's not like that now. And I don't even use it; I just have Mplayer using the installed Real player's codecs on OSX-PPC.

Re:Hackers are the least of their troubles... (-1, Troll)

Anonymous Coward | more than 6 years ago | (#21050835)

there's a buttload of still-useful PowerPC machines still out here).
Correct, there are a buttload of PowerPC machines still in active use. In addition Mac users's butts are loaded with semen.

Re:Hackers are the least of their troubles... (1)

t1n0m3n (966914) | more than 6 years ago | (#21051101)

don't tell the mr poop sniffer spam guy

Re:Hackers are the least of their troubles... (1)

Draek (916851) | more than 6 years ago | (#21052501)

yup. It works on Linux, it's fast, lightweight, and it's used by reputable news sites [bbc.co.uk] , something that can't be said of any other video codec.

Re:Hackers are the least of their troubles... (4, Funny)

Dishevel (1105119) | more than 6 years ago | (#21048963)

I love Real Player. Its icon is pretty and when I click on some things on the internet it works sometimes for me. If it dose not work I just figure that the people putting that bad stuff on the internet must not know what a wonderful company Microsoft is for people like me. Now if you will excuse me I need to click on something real fast so AOL doe not disconnect me again. All I need is MS programs that I can use while online with AOL with my wonderful CABLE COMPANY connection to the internet.

Not in Vista (4, Informative)

El Lobo (994537) | more than 6 years ago | (#21048601)

The vulnerability doesn't affect IE in protected (sandboxed, default) mode on Vista, of course.

WARNING MS SHILL (5, Funny)

Anonymous Coward | more than 6 years ago | (#21048905)

Nobody uses Vista because Vista's not compatible with Windows.

Re:Not in Vista (-1, Troll)

Anonymous Coward | more than 6 years ago | (#21048987)

Well, you still suck dick, so what's the point?

Re:Not in Vista (0)

Anonymous Coward | more than 6 years ago | (#21049163)

everyone is using XP?? whats your point?

You are attempting to laud Vista on slashdot (1, Funny)

Anonymous Coward | more than 6 years ago | (#21050029)

[Cancel] or [Allow] ?

Re:Not in Vista (1, Interesting)

Anonymous Coward | more than 6 years ago | (#21050525)

Actually it does. If you bothered to learn the underlying components(below the API) you wouldn't sound like such a dolt.

Re:Not in Vista (Permit Deny Allow) (1)

WillAffleckUW (858324) | more than 6 years ago | (#21051073)

Would you like to permit this song to be played?

How about this song?

How about this one?

(repeat 50 times)

(user unchecks security check)

Re:Not in Vista (1)

suv4x4 (956391) | more than 6 years ago | (#21051409)

I've no particular reason to reply here, but check the other replies.

They're actually insulting, ranting, cussing, since you mentioned Vista isn't vulnerable. Makes me sad of Slashdot, you know?

Re:Not in Vista (1)

The Master Control P (655590) | more than 6 years ago | (#21052377)

In other words, Vista/IE7 are on par with every other non-Microsoft OS/browser in this particular aspect. That's good news, but don't color me too impressed.

Experts Quickly Noted However.... (5, Funny)

rel4x (783238) | more than 6 years ago | (#21048641)

...that the viruses using this attack were still easier to uninstall than RealPlayer itself.

Re:Experts Quickly Noted However.... (5, Funny)

Fx.Dr (915071) | more than 6 years ago | (#21048709)

Upon attempting to exploit the flaw, the virus was promptly greeted with ...BUFFERING... ...BUFFERING...

It's worst then that (1)

Liquidrage (640463) | more than 6 years ago | (#21049177)

The malware that gets installed is, itself, Real Player.

Affected computers are stuck in a feedback loop where Real Player installs itself over and over again.
The space-time continuum is breaking down as we speak.

This just in: ActiveX STILL a bad idea... (-1, Troll)

Joce640k (829181) | more than 6 years ago | (#21048681)

ActiveX is a bad idea and always will be. I'm pretty sure the security experts started telling Microsoft not to do it while it was till in the planning stage.

Re:This just in: ActiveX STILL a bad idea... (1)

cnettel (836611) | more than 6 years ago | (#21048775)

And what about Netscape plugins? This is not "download ActiveX controls on demand" which was chastised and basically isn't around anymore. This is the fact that some apps on your machine say "hey, I know how to handle some data on the net, just load this dynamic library of mine and hand it the data, and I'll render it neatly in the browser".

Re:This just in: ActiveX STILL a bad idea... (1)

cheater512 (783349) | more than 6 years ago | (#21049829)

With ActiveX anyone can make something automatically execute.

With Firefox's plugin search there is a predefined list.

Re:This just in: ActiveX STILL a bad idea... (0)

Anonymous Coward | more than 6 years ago | (#21050913)

In Windows you can define a list of "Administrator Approved Controls" and IE won't load any others. But it is a pain in the arse to configure and I'm the only person I know who's ever bothered. But I'm not vulnerable to this realplayer bug :)

Re:This just in: ActiveX STILL a bad idea... (1)

scubanator87 (1023313) | more than 6 years ago | (#21048823)

All to true! A while back [adult swim] used to require activex to watch watch their videos on line. They kicked that to the curb since they realized that their demographic is the same demographic that is most likely to not use IE/ activex! They got the picture so should every one else!

Re:This just in: ActiveX STILL a bad idea... (2, Interesting)

Anonymous Coward | more than 6 years ago | (#21049287)

This vulnerability has nothing to do with ActiveX. ActiveX is just one method of hosting a plugin. Any method of hosting a plugin would be exactly as vulnerable. Anytime a browser accepts data from an outside source and passes it onto a library to handle that is a possible point of attack. There have been plenty of vulnerabilities found in non-ActiveX plugins for Internet Explorer and other browsers. There have been vulnerabilities found in the very libraries used by the browsers to display common content like images.

This is why the Vista approach is the correct approach: sandbox the browser. The process should be locked down so tight that when a vulnerability is inevitably discovered that the damage it can cause is mitigated. Every OS and every browser needs to incorporate these mechanisms by default.

1997 called. They want their security alerts back (1)

El_Oscuro (1022477) | more than 6 years ago | (#21049589)

I remember first reading about activeX security vulnerabilities in one of the O'Reilly nutshell books about website design. The book also covered controversial topics such as the use of the <BLINK> and <TABLE> tags in HTML.

Huh. (1)

ripewithdecay (573894) | more than 6 years ago | (#21048777)

I had no idea people still use RealPlayer.

Typical Zonk editing (0)

Anonymous Coward | more than 6 years ago | (#21048811)

Whenever Zonk browsers to Slashdot to post a story, lots of spelling and grammar errors attacks us. Maybe he should install a software program to assist his editing.

Video press release (4, Funny)

operagost (62405) | more than 6 years ago | (#21048839)

Real has posted a video press release on this. I would like to tell you more, but it's still buffering. Maybe they should use Media Player for their press releases.

Re:Video press release (0)

Anonymous Coward | more than 6 years ago | (#21049095)

Hahahahaa, the "buffering" tag made me burst into uncontrollable laughter. I only tried real shit once and have hated it passionately since. The interface was fucking horrible circus of blinkenlichts and popups and flashing ads hell. The program fouled up my file associations good and kept doing it. And the content was always "buffering"...

Those good old days...

I wouldn't worry... (2, Funny)

Deacon_Yermouf (900678) | more than 6 years ago | (#21048845)

It's going to take a while for the virus to stop buffering....

Real Alternative (3, Informative)

gravis777 (123605) | more than 6 years ago | (#21048849)

http://www.free-codecs.com/download/Real_Alternative.htm [free-codecs.com]

Now I just have to worry about unpatched holes in Windows Media Player!

Truthfully, I already have one bloated Media Player that is part of the OS on my machine, why would I want to install another?

BTW:
http://www.free-codecs.com/download/QuickTime_Alternative.htm [free-codecs.com]
To take care of that OTHER bloated media player

Re:Real Alternative (1)

0xygen (595606) | more than 6 years ago | (#21049105)

Is the vulnerability not in the actual codecs and plugins, which are the same ones used by Real Alternative?
My impression was that both Real Alternative and Quicktime Alternative both just distribute the official codecs in a package that does not install the surrounding junk.

Surely there is a good chance this still leaves you (and me) vulnerable?

Any Proof Of Concept to test with?

Re:Real Alternative (1)

Rob Simpson (533360) | more than 6 years ago | (#21049261)

Not the codec, but yeah, it would probably be in "RealMedia ActiveX control 6.0.12.1741 allows you to view RealMedia content that is embedded in a webpage. The RealMedia ActiveX control supports Internet Explorer." [edskes.net] Choosing not to install this component would solve the problem, though.

Re:Real Alternative (1)

junglee_iitk (651040) | more than 6 years ago | (#21049705)

According to Karl Lillevold [doom9.org] , a (lead) programmer for Real Player, Real Alternative is nothing but rebundled DLLs from Real Player in a wrapper for support other players. Thus, it is still exploitable.

Brought to you by a linux-user, Real(TM)-hater/uninstaller. I uninstall it on every computer I encounter :)

Re:Real Alternative (1)

antdude (79039) | more than 6 years ago | (#21049733)

But, how do we know if RA's codecs aren't vulnerable? It has ActiveX plugin too.

Re:Real Alternative (5, Informative)

suv4x4 (956391) | more than 6 years ago | (#21049939)

http://www.free-codecs.com/download/Real_Alternative.htm [free-codecs.com]
Now I just have to worry about unpatched holes in Windows Media Player!


Actually "Real Alternative" and "QuickTime Alternative" uses ripped off binary libraries straight off the official apps. It's quite likely you're vulnerable as well.

Re:Real Alternative (1)

DogDude (805747) | more than 6 years ago | (#21050049)

Have you ever considered doing something as exotic as uninstalling WMP?

In other news (0, Redundant)

jagdish (981925) | more than 6 years ago | (#21048871)

Real networks finally figured who their 3 users are.

Get with it (2, Funny)

Skiron (735617) | more than 6 years ago | (#21048903)

New marketing name -> RealTrojans (or viruses/worms, whatever). Sales are UP!

RealPlayer (1)

hyades1 (1149581) | more than 6 years ago | (#21048925)

It's long been an annoyance to me that RealPlayer is installed by default on my Palm Tungsten E2, and there's no way to remove it without risk. It squats like a toad in my small pool of on-board RAM, taking up space I bought and paid for. On my PC, of course, it's just a smelly, fading memory, replaced ages ago by less toxic alternatives.

No need to worry! - Screen shot of virus. (1, Funny)

Anonymous Coward | more than 6 years ago | (#21049133)

You have been infected by a RealPlayer virus! Muahahah! In 5 seconds, your hard drive will be form ...buffering... ...buffering... ...buffering...

Worried? Nah (2, Funny)

jdjbuffalo (318589) | more than 6 years ago | (#21049169)

All 5 people who still have Real Player installed are in for a world of hurt...

browser, -noun, a person or thing that browses (2, Funny)

piratesyarr (1117287) | more than 6 years ago | (#21049469)

The flaw is causing drive-by malware downloads when an IE user simply browsers to a maliciously rigged Web page.

I like the use of the word browser as a verb.
Also, drive-by malware downloads? This hood is no longer safe, yo!

Re:browser, -noun, a person or thing that browses (1)

raehl (609729) | more than 6 years ago | (#21050539)

Besides, isn't a drive-by more of an upload?

"Browsers to a maliciously rigged Web page" (1)

rho (6063) | more than 6 years ago | (#21049471)

Please, no more stupid verbs-nee-nouns.

"Blog" should have been smothered in the crib, let's not loose another monster.

Re:"Browsers to a maliciously rigged Web page" (0)

Anonymous Coward | more than 6 years ago | (#21049771)

"Blog" should have been smothered in the crib, let's not loose another monster.

Given that this is slashdot, I unconsciously changed "loose" to "lose", and was left wondering why you didn't want to lose this monster.

When I realised my error, I think I discovered how Pavlov's dog felt.

Have a nice weekend.

just a typo. (1)

Skadet (528657) | more than 6 years ago | (#21049897)

I think they meant to write "browses". Could have been a typo (the E and R are right next to each other), could have been a brain fart linked to muscle memory, but I really doubt someone's trying to introduce "browsers" as a verb.

Re:"Browsers to a maliciously rigged Web page" (2, Funny)

Actually, I do RTFA (1058596) | more than 6 years ago | (#21050129)

Come on, I love verbing words.

Re:"Browsers to a maliciously rigged Web page" (1)

CopaceticOpus (965603) | more than 6 years ago | (#21052445)

Kids these days and all their browsering... they're going to catch the malware!

Re:"Browsers to a maliciously rigged Web page" (1)

geekoid (135745) | more than 6 years ago | (#21050551)

So you want to crib it?

I may go home a crib.

Smell you later.

real player still part of google pack (beta)? (2, Informative)

sillyphisher1 (1100841) | more than 6 years ago | (#21049655)

Last time I saw real player was when I installed google pack on a windows machine years ago. I love picasa and google earth, and at the time a few of the other packages seemed like nice things to get all in 1 install. Real player was the deal killer- I never could figure out what good it was. It seems like it spent more of my time and CPU cycles trying to sell me on an upgrade than doing anything useful. What was/is google thinking on that one?

Re:real player still part of google pack (beta)? (1)

Bryansix (761547) | more than 6 years ago | (#21050175)

Ug, Picasa sucks. I still can't figure out what it really DOES. When I installed it I couldn't get it to do a single thing.

Soon to be on Slashdot: (1)

JK_the_Slacker (1175625) | more than 6 years ago | (#21049943)

Next up: Spam with attached Realmedia files that redirect to "stock sharing sites."

Real Player still exists?? (1)

GPL Apostate (1138631) | more than 6 years ago | (#21050183)

I remember 'registering' Real Player back in the 90's so they sent me a CD-ROM with the 'paid for' version that had a 'record' button (for those really, really rare instances where a server allowed you to record the stream.)

Is Real Player still around???

Re:Real Player still exists?? (1)

this great guy (922511) | more than 6 years ago | (#21052635)

Is Real Player still around???
No. This /. story is a dupe from the 90's.

it's 2007... (1)

logicassasin (318009) | more than 6 years ago | (#21050509)

... and people still use Real anything...

Wow.

After that wretched "G2 Phone Home" crap and the whole "tell me who your are so I can spam the hell out of you unless you use a fake email address like 'realsucks@pissoff.com'" crap, I'm really suprised ANYONE uses the stuff. I haven't come across a single site in the last few years that uses Real to stream, and all of my musician buddies stopped encoding in Real format back in 2001 or so.

File this exploit under "does anyone really care?". It's like finding a zero-day exploit for Windows 3.11 or MS Bob.

Re:it's 2007... (1)

Antique Geekmeister (740220) | more than 6 years ago | (#21050793)

Apparently, the BBC's Iplayer project just announced that they'll also be providing content in Real, because a stack of Linux, Mac, and other software users got extremely upset their content could only be viewed with Windows Media Player. So, it's true that Real is around and will be around for a while, namely to provide an alternative to Windows Media Player.

Now, if they'd just give up on calling files tagged as .rpm as Real files, and save them as software packages and save me having to use the "save as" option, I'd be thrilled.

Great. More Patches. (1)

Lime Green Bowler (937876) | more than 6 years ago | (#21050897)

Just bloody great. My company insists upon loading RetardPlayer in our workstation images. This will mean another high-priority patch. Patching is always painful- either the sudden unannounced Gift of Reboot, or the One-Hour-of-Death-Clock, that stays on top of everything. All for near-abandonware that nobody uses. Ah, if only we ran Linux.....

The Sole User of Real Here (1)

WebmasterNeal (1163683) | more than 6 years ago | (#21051039)

I still use the real player. Really the only reason I do is becuase the 100+ downloaded south park episodes I have from southparkx.net are encoded as .rm files and are better quality (for a 36mb) than anything else. Honestly though, people rip on Real but I think itunes & quicktime (bundled together mind you at 50mb+) is a much inferior product than Real. Apple and Adobe are two of the worst bundling companies out there.

Drive-by? (1)

mig174 (1176805) | more than 6 years ago | (#21051045)

drive-by malware downloads? good thing I got a MAC

What is ActiveX? (1)

WillAffleckUW (858324) | more than 6 years ago | (#21051049)

I disabled that on my WinXP a looooooonnnnnnnngggg time ago.

MIT open courseware & Realplayer (2, Informative)

Ethanol-fueled (1125189) | more than 6 years ago | (#21051369)

The evil Realplayer is still required for some MIT open courseware. They should convert those files ASAP.

Only Zero day flaws? (1)

psychicsword (1036852) | more than 6 years ago | (#21052711)

Sorry buy this post is buffering...
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>