Last weekend, the popular music player software Winamp was targeted by a type of spyware exploiting existing vulnerabilities in the software.
In fact, the exploit code for the Winamp vulnerability was disseminated on the Internet since last week, and a file hosting website for the exploit was also discovered. When users open this website, their computers automatically download spyware without their knowledge.
Security firm Secunia has classified the new vulnerability in Winamp as “extremely critical,” as it could allow hackers to execute remote binary code. The vulnerability was identified early last week, prompting Winamp to issue an emergency patch (version Winamp 5.13) immediately.
The new vulnerability affects Winamp version 5.12 and previous versions. Winamp advises users to quickly upgrade to the latest version – Winamp 5.13 to prevent the possibility of exploitation by hackers.
