RealNetworks Releases Update to Address RealOne Player Buffer Overrun Vulnerabilities.

Updated December 16, 2002

As reported on December 11, 2002, RealNetworks' engineers have been working to verify and fix recently identified "buffer overrun" errors in the RealOne Player. Please use the links below to update your Player to one that includes the identified fixes.

While we have not received reports of anyone actually being attacked with this exploit, all security vulnerabilities are taken very seriously by RealNetworks. In addition to fixing reported vulnerabilities, RealNetworks performed a comprehensive review of all of the RealOne Player source code to reduce the chance that any vulnerabilities remain.

Affected Software:
RealOne Player and RealOne Player v2 for Windows (all language versions), RealOne Player for Mac OS X, RealOne Enterprise Desktop Manager and RealOne Enterprise Desktop.

To ensure that your RealOne Player is protected, we recommend installing the updates available.


Windows Players:
Please click here to update your RealOne Player (All language versions)

Mac Players:
Please go to to get the update.

RealOne Enterprise Products:
Updates for the RealOne Desktop Manager and RealOne Enterprise Desktop will be available in approximately two weeks. This page will be updated at that time to include the appropriate links.

Update as of Dec 20, 2002:
Please click here to update your RealOne Desktop Manager.
Please click here to update your RealOne Enterprise Desktop.

Some of these vulnerabilities were discovered with the help of Mark Litchfield of Next Generation Security Software Ltd.

While RealNetworks endeavors to provide you with the highest quality products and services, we cannot guarantee and do not warrant that the operation of any RealNetworks product will be error-free, uninterrupted or secure. See your original license agreement for details of our limited warranty or warranty disclaimer.