Four New RealPlayer Bugs Squashed

RealNetworks on Wednesday disclosed four critical bugs in a large number of its media products, then rolled out new, patched versions for Windows, Mac OS X, and Linux.

The flaw quartet -- collectively labeled as "highly critical" by Danish vulnerability tracker Secunia -- affect RealPlayer, Rhapsody, Helix Player, and RealOne Player, said RealNetworks. Patched editions can be downloaded from the company's support Web site.

Vulnerabilities in how the products process .swf (Flash) and .mbc (Mimio) files, as well as others exploitable by malicious Web sites via surreptitious drive-by downloads, could allow hackers to run their own code on PCs and Macs.

The most recent versions of the popular RealPlayer media player, are not at risk; nor is the software for RealNetwork's music subscription service, Rhapsody.

RealNetworks said it has received no reports of systems actually hit with an exploit, but it still urged users to update as soon as possible.RealPlayer required repeated patching in 2005, with fixes rolled out by the Seattle, Wash. company inNovember andOctober.