Security Update For RealPlayer Enterprise

Updated March 22, 2006

RealNetworks, Inc. has addressed recently discovered security vulnerabilities that offered the potential for an attacker to run arbitrary or malicious code on a customer’s machine. RealNetworks has received no reports of machines compromised as a result of the now-remedied vulnerabilities. RealNetworks takes all security vulnerabilities very seriously.

The specific exploits were:

Impacted Products and Versions:

This affects versions 1.1, 1.2, 1.5, 1.6 and 1.7 of RealPlayer Enterprise (standalone and as configured by the RealPlayer Enterprise Manager).


To ensure that your Player is protected, we recommend installing the available update.


RealPlayer Enterprise Solution:

Please click here to get the updated RealPlayer Enterprise.

Your PAM site will contain a complete / updated copy of RPE.


RealNetworks would like to acknowledge John Heasman of NGS Software, Greg MacManus with iDEFENSE Labs, and Sowhat for bringing these exploits to our attention as well as those who subsequently worked with RealNetworks to correct the vulnerabilities.


RealNetworks Inc. endeavors to provide you with the highest quality products and services, but cannot guarantee, and does not warrant, that the operation of any RealNetworks product will be error-free, uninterrupted or secure. Please see your original license agreement for details of our limited warranty or warranty disclaimer.