RealPlayer CreateProcess() Security Vulnerability.

November 17, 2005

As the leading creator of digital media services and software, we take security issues very seriously. RealNetworks is working to address a recently discovered security vulnerability to the RealPlayer regarding use of CreateProcess(). The vulnerability could provide the potential for an attacker to run arbitrary or malicious code if that code already resides in a specific location on a user's PC.

RealNetworks has received no reports of machines compromised as a result of this vulnerability. We are committed to providing our customers with timely and comprehensive information about our software. As such, we encourage users to check this site periodically for the latest updates.