• On BNET: Should Apple fire the lost iPhone guy?
January 11, 2008 9:55 AM PST

AOL Radio re-posts security update

by Dawn Kawamoto

AOL Radio may need to turn up the volume to get its users to download the latest security update, or its listeners may tune them out.

AOL Radio re-posted its Unagi plug-in 2.6.2.6 on Friday, but it failed to stress that users running versions of AOL Radio prior to August could be facing a security risk if they didn't download the update.

It turns out that AOL Radio users running version 2.6.1.11 are at risk, said Thomas Chau, who runs the AOL Radio blog. He noted, however, that anyone who downloaded the Unagi plug-in 2.6.2.6 originally posted on the site last fall, or is running the recently released AOL Radio 4.0 beta are safe.

The earlier AOL Radio version contains a security flaw that could allow attackers to compromise users' computers, after viewing a malicious Web site, document, or HTML e-mail, according to a report by the U.S. Computer Emergency Readiness Team (US-CERT) that was released earlier this week.

The security flaw is found in an application, AOLMediaPlaybackControl.exe, that is used by AOL Radio to stream audio in Web pages. But the application contains a stack buffer overflow, according to US-CERT, which could be exploited via the ActiveX control used with the application.

Dawn Kawamoto covers enterprise security and financial news relating to technology for CNET News. E-mail Dawn.
Topics:

Web 2.0

Tags:

AOL,

XM,

and Internet radio

Share:
Digg
Del.icio.us
Reddit
Recent posts from News Blog
If you care about Web, ignore this IPO
Nasdaq 5,000: Ten years after the dot-com peak
Nvidia puts NForce chipset development on hold
Opera 10 browser is here
Neil Young Archives Blu-ray: Rip off?
Acronis revises survey results about backup habits
Acronis miscalculates data on users' bad backup habits
Flickr co-founder presses beta button
Related
Facebook investigating removal of Sarah Palin post
Safari 5.0.1 update fixes black Mail backgrounds, autofill, and more
Adobe to follow Microsoft plan of sharing security info
Wikileaks' estranged co-founder becomes a critic (Q&A)
Adobe Photoshop CS5 12.0.1 update fixes crashes and performance bugs
Details of the first-ever control system malware (FAQ)
Handicapping the mobile music services
Transcript: Wikileaks Afghanistan docs 'alarming'
advertisement
CNET River

What the iPhone jailbreak ruling means

faq The practical impact of a new Digital Millennium Copyright Act ruling may be limited because Apple's end user contract still restricts jailbreaking.

Redesign for Terrafugia's flying car

A successful test flight of a prototype Terrafugia vehicle has led to structural improvements just unveiled. The company hopes to start shipping late next year.

About News Blog

Recent posts on technology, trends, and more.

Add this feed to your online news reader

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET API
About CNET