posted on Tuesday, April 06, 2004 10:05 AM
by
demiliani
WinAmp Security Hole Discovered
Just read now on TechWorld that a Winamp security hole has been discovered, and fortunately just patched.
This bug can provide someone with system access simply by getting someone to visit a malicious website. It all has to do with how the software loads Fasttracker 2 ".xm" media files.
It is possible to cause a heap overflow and so run code on the person's system. A ".xm" file is not needed however, as the software runs through all supported files with the same faulty piece of code. This greatly increases the opportunities hackers may have to con someone into clicking a link and so providing them with system access.
The flaw affects all WinAmps and so the only advice is to upgrade as soon as possible to the new patched version (5.03) on the company's website here.