Saturday, February 04, 2006
Do you use "WinAmp" v5.12? You're at risk.
This is yet another case where bad guys supply poisoned input to a program and get control over your computer.
In this case, the program's weakness shows up when it opens playlist files. The poison consists of putting in a preposterously long file name.
Unfortunately you can't just decide not to open playlists from strangers. There are some tricks that will make WinAmp open a playlist just because you looked at the wrong web page.
Your firewall won't help, because firewalls don't know about this kind of thing. Antivirus might help someday. Anyway your best move is to upgrade. You're supposed to get a popup inviting you to upgrade, just say yes when you see it. You're also safe if you uninstall the program and switch to a different media player, or, if you like popping the hood, you can prevent automatic playing of poisoned content by following the advice of Kaspersky Anti-virus and going to the Windows Folder Options menu, picking .pls under file types, and turning on "Confirm open after download".
This sort of thing is the reason lean systems with minimal software are safest.
|
In this case, the program's weakness shows up when it opens playlist files. The poison consists of putting in a preposterously long file name.
Unfortunately you can't just decide not to open playlists from strangers. There are some tricks that will make WinAmp open a playlist just because you looked at the wrong web page.
Your firewall won't help, because firewalls don't know about this kind of thing. Antivirus might help someday. Anyway your best move is to upgrade. You're supposed to get a popup inviting you to upgrade, just say yes when you see it. You're also safe if you uninstall the program and switch to a different media player, or, if you like popping the hood, you can prevent automatic playing of poisoned content by following the advice of Kaspersky Anti-virus and going to the Windows Folder Options menu, picking .pls under file types, and turning on "Confirm open after download".
This sort of thing is the reason lean systems with minimal software are safest.
# posted by Frederick @ 10:30 PM Email to a friend:
Haloscan: they provide trackback