Real Player zero day

I wrote yesterday about a zero day possibly targeting NASA. This morning Symantec posted news of a Real Player exploit on the loose.
“The issue affects an ActiveX object in the RealPlayer component ierpplug.dll.” While there is no patch available, you can set activeX kill bits. (Google for how to do that). I am deploying that in my enterprise now.


Comments are closed.