Winamp plug-in backdoor wide open to viral penetration
But plugged firmly in latest release
Customer Success Testimonial: Recovery is Everything
Winamp media player users need to update their software following the discovery of multiple security holes, some of which provide a means to distribute malware via booby-trapped media files.
Version 5.6 of the software for Windows fixes a critical integer overflow vulnerability in the the "in_nsv.dll" plug-in library that leaves users exposed to viral attack – provided, of course, that they are first tricked into opening a maliciously constructed stream or media file. The update from developers Nullsoft also addresses a potentially nasty, but probably less easy to exploit, bug involving the handling of midi files. The release also includes a number of performance and stability tweaks.
A release announcement can be found on Nullsoft's forum but details of the security side of the update can more easily be reviewed via an advisory on the bugs by security notification firm Secunia here. ®
COMMENTS
Outraged of Tunbridge Wells
Backdoor penetration? But plugged?
This site gets filthier by the day.
I approve.
Snap
Before I clicked on the comments link for this article, I thought to myself: "what's the bet the first comment is from someone desparate to tell the world how shit Winamp is these days?"
Thanks at least for keeping it short.
IT infrastructure monitoring strategies
What you need to know about cloud backup
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Customer Success Testimonial: Recovery is Everything
