|
|
 |
|
|
Pages: 1
Web tunes sound a security alarm
(Click here to view the original thread with full colors/images)
Posted by: Tweaker
In a newly discerned computer security scenario, you could get an Internet worm for a song.
More precisely, you could get a worm along with a song played on a number of popular Internet media players, including Microsoft's Windows Media Player or RealNetworks' RealPlayer. That's because the players provide the ability to embed Web addresses and scripts--key ingredients in self-propagating, hostile code.
"What we're looking at here is the fact that you can have mobile code now inside of a music file," said Richard Smith, a security consultant in Brookline, Mass. "So you start getting into security problems like macro (viruses) in (Microsoft) Word documents, or ActiveX or JavaScript problems in HTML files. Once you get code inside of a data file, you start having problems.
An exploit using music files would rely on a Web browser with a known vulnerability. But reports of the potential problem have raised old concerns about the ability of malicious file-swappers to "poison the pool" of files traded on networks such as Gnutella, MusicCity/Morpheus, Kazaa and other services that have sprung up in Napster's wake.
Apparently this is only speculation and the media companies are not too concerned right now until this proves to be a real threat. A lot of people are getting MP3 files from untrusted sources, this in itself is a no-no. As always avoid downloading files from unknown sources. Keep your anti-virus software up to date. Bottom line when in doubt "SCAN".
More here
Source: ZDNet News
|
|
|
|
|
