3ivx MP4 codec flaw leaves WMP, Winamp vulnerable

By Justin Mann on
In what comes as a surprise to almost nobody, new vulnerabilities have been published in two popular media players. Windows Media Player and Winamp in particular have been targeted, with the players rendering users vulnerable to certain exploits. Both exploits, while deemed highly critical, were published for very old versions of both suites.

For one flaw, in order to be affected, you must be using Windows Media Player 6.4 along with Media Player Classic. The latter might actually be more of a problem, since MPC is still commonly used in place of the newer Media Player releases. For Winamp, the version rolls all the way back to 3.5. The flaw is related in both, and stems from the 3ivx MP4 codec.

If there was only ever a single reason to keep software updated, security vulnerabilities would be it. Particularly so today when so much media can be streamed. Regardless, this flaw may be present in other suites too, if they rely on the 3ivx MP4 codec. Patches are not available, though common sense is. Don't open any mysterious files and you should be ok.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.