January 11, 2008 9:55 AM PST

AOL Radio re-posts security update

by Dawn Kawamoto
  • Font size
  • Print
  • Post a comment

AOL Radio may need to turn up the volume to get its users to download the latest security update, or its listeners may tune them out.

AOL Radio re-posted its Unagi plug-in 2.6.2.6 on Friday, but it failed to stress that users running versions of AOL Radio prior to August could be facing a security risk if they didn't download the update.

It turns out that AOL Radio users running version 2.6.1.11 are at risk, said Thomas Chau, who runs the AOL Radio blog. He noted, however, that anyone who downloaded the Unagi plug-in 2.6.2.6 originally posted on the site last fall, or is running the recently released AOL Radio 4.0 beta are safe.

The earlier AOL Radio version contains a security flaw that could allow attackers to compromise users' computers, after viewing a malicious Web site, document, or HTML e-mail, according to a report by the U.S. Computer Emergency Readiness Team (US-CERT) that was released earlier this week.

The security flaw is found in an application, AOLMediaPlaybackControl.exe, that is used by AOL Radio to stream audio in Web pages. But the application contains a stack buffer overflow, according to US-CERT, which could be exploited via the ActiveX control used with the application.

Dawn Kawamoto covers enterprise security and financial news relating to technology for CNET News. E-mail Dawn.
Topics:

Web 2.0

Tags:

AOL,

XM,

and Internet radio

Share:
Digg
Del.icio.us
Reddit
Recent posts from News Blog
Nvidia puts NForce chipset development on hold
Opera 10 browser is here
Neil Young Archives Blu-ray: Rip off?
Acronis revises survey results about backup habits
Acronis miscalculates data on users' bad backup habits
Flickr co-founder presses beta button
Comcast, Sony open retail store
Cox to try coaxing the Internet into submission
Related
Microsoft reposts Windows 7 download tool
Buzz Out Loud Podcast 1135: Best Moments of 2009 (again)
Using Facebook and Twitter safely
Adobe investigating Reader, Acrobat exploit reports
Ford tag-teams HD Radio, iTunes tagging
NPR News for Android is a solid initial offering
Firefox, Adobe top buggiest-software list
Twitter hijacked by 'Iranian Cyber Army'
advertisement

15 sites that went kaput in 2009

Web sites launch all the time, but they also shut their doors. We highlight 15 that bit the dust this year.

Top 10 news stories of the decade

Let the debate begin: Was the iPhone more important than iTunes? Was anything bigger than Google finding a great business model? CNET offers its list of the 10 most important stories of the '00s.

About News Blog

Recent posts on technology, trends, and more.

Add this feed to your online news reader

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET