Largest Directoty of Internet Security Software

PC Media Players Full of Holes

Home Software Threats Security
News		  

PC Media Players Full of Holes
[author:zyk06 Public time:Aug 7, 2007]
As a result, audio and video downloads can be turned into digital weapons that hackers could use to hijack or corrupt computers, said David Thiel, senior security consultant with San Francisco-based researcher iSEC Partners.

Thiel, who exposed the flaws on relatively obscure open-source media players during a presentation at the Black Hat hacker conference, said he has found several flaws in popular commercial players.

But he declined to provide their brand names because, he says, he is still disclosing the exploits to the companies so they can issue fixes.

He isn't aware of any current attacks using the vulnerabilities he's discovered but said they're hard to track.

"The actual potential for attack is reasonably severe because nobody cares about actually playing videos from YouTube or playing music on Web pages — you can't get music to stop playing at you," he said. "Because this stuff is launched automatically, I think the impact could be significant."

Paul Proctor, a research vice president with Gartner Inc. (IT), said Thiel's findings could pressure companies to investigate flaws in their media players and patch them quickly.

Hackers have targeted media players before, Proctor said, but Thiel's attacks appear to infiltrate the machines more deeply and circumvent traditional Internet safeguards.

Thiel unveiled a new program using a technique called "fuzzing" — corrupting the files used in applications in a controlled way to find exploitable bugs — to identify weaknesses in various media players.

"This is a new frontier for hacks," Proctor said. "The straightforward, basic truth is that companies that make media players of all types will have to become as vigilant."

Thiel and other programmers are exposing security vulnerabilities during the two-day Black Hat conference and will continue doing so at the three-day Defcon convention that starts here Friday.

So-called "white hat" hackers present flaws to alert companies that their products are vulnerable to pranks or serious attacks by malicious or "black hat" hackers.

Jeff Moss, director of Black Hat, said conference organizers picked Thiel to present his findings because digital audio and video files are becoming phenomenally popular on YouTube, MySpace and other social networking sites.

"This is the next logical place to attack," Moss said. "People know not to open strange documents, but they click on MP3s all day long."

Source: http://www.foxnews.com/




Printed From:http://www.free-press-release.com/news/200708/1186477356.html
Source:Free Press Release

Similar news >>
  • Prefix NE Wins Four Star Rating from PC PRo Reviewers [Aug 31, 2007]
  • PC World names PC Tools' Spyware Doctor "Best Vista Antispyware" [Aug 29, 2007]
  • PC Tools AntiVirus - Antivirus Software, Free Antivirus Software [Jul 19, 2007]
  • PC Tools reports latest trends: Malware 2.0, zero-minute threats, micro-malware [Jul 19, 2007]
  • PC Security Tweaker [Apr 26, 2007]
  • PC Tools Wins the Prestigious Checkmark security certification for its anti-spyware and anti-virus [Apr 9, 2007]
  • PC Mesh Internet and Disk Cleanup 5.0 released [Apr 9, 2007]
  • Botnet Software Can Hijack A Computer [Apr 8, 2007]
  • PC Security Tweaker [Mar 24, 2007]
  • PC Security Tweaker [Feb 20, 2007]

    		•


    Cookie Cleaner   |    History Eraser   |    Popup Killer   |   Firewall   |   Antivirus   |   Security Encryption   |   UnInstaller   |   Security News
    eTrust Pestpatrol Anti-Spyware   PestPatrol 5   Ad-Aware SE Removal   Ad-Aware SE   Ad-Watch   SpyFighter Cleaner Pro   Free Adware Remover   Spy Sweeper  Webroot Spy Sweeper 
    Copyright © 2002-2007 Internet Security Software.All rights reserved.
    Directory of Internet Security Software - Cookie & Cache Cleaner, History & Evidence Eraser, Popup Killer, Firewall
    Powered By DownloadAtoZ