Winamp mends trio of old-school security holes
Heap overflow? Winamp? Party like it's 1999
An update to Winamp closes a terrible trio of critical security holes in the popular media player application.
The rather old-school vulnerabilities involve a brace of integer overflow cockups in the in_avi.dll plug-in and a heap-based buffer overflow vulnerability in the in_mod.dll plug-in library. All three flaws create a means to inject hostile code into systems running vulnerable versions of the software, which is developed by Nullsoft, a division of AOL Music. Exploits would involve tricking victims into attempting to play malformed media files.
Users are advised to upgrade to version 5.623 of Winamp media player for Windows, as explained in an advisory by security notification firm Secunia here. More details can be found in a post on Winamp's forums here. ®
Still a great media player IMO
I'm the last to approve of AOL, but my experience of Winamp is far better than that of certain apple shaped media software.
I'm all Linux at home, and am resigned to using iTunes lookalikes (Banshee, Rhythmbox) since I found XMMS2 a pain to find, then set-up on recent versions of Ubuntu and XMMS3 was just not very user-friendly (for my wife).
I still like and use Winamp on Windows machines at work. Their best feature IMO has always been sorting how I want it (Sort by > Path & Filename), but their playlist features are also great. I use it to create playlists for use on my phones, and their support of varied formats is also good. When I re-encoded music to the excellent he-aacv2 format for playback on my phones back in 2007, Winamp was the only player that supported the format.
As for support, once I got my recent defect noticed, it was fixed in what I would call reasonable time and is in the latest version... [aacdec] Detection of parametric stereo for AAC files made with older encoders.
sucks less balls than itunes
I've paid the $20 or whatever years and years ago and, apart from a few video codecs that it only pretends it knows what to do with, it has stood the test of time for me at least. Excellent media library, converts files, rips to FLAC & mp3, ipod support, etc. not to mention the most consistantly trippy plug-ins.
Cold boot windows, right click a folder in explorer, play in Winamp: >7k tunes load and play in seconds. Try that with itunes or WMP. It can even make a half-decent go at randomising a playlist instead of just the lame 'shuffle' play option. (all are lame IMO if you have 'too many' tunes)
PS: Anyone that installs anything by fast-clicking next next next deserves everything they get.
What about VLC media player?
Or does that just make me sad?