To address a security hole being exploited by hackers, RealNetworks has issued a security fix for the Windows versions of RealOne Player, RealOne Player version 2, RealPlayer 10.5 and RealPlayer 11 beta. The Windows versions of RealPlayer 8 and earlier versions of RealNetworks are not vulnerable. Linux and Macintosh versions of RealPlayer are also not affected.
The attack targets an ActiveX object installed by RealPlayer, and affects how that object interacts with the Internet Explorer browser. The exploit, if executed, can corrupt process memory and execute arbitrary code.