Streaming media files a big security risk?

Posted on Sunday, Aug 12 2007 @ 17:12 CEST by Thomas De Maesschalck
Security expers believe the next big wave of hacker attacks could come from an unexpected source: streaming media files:
uring his presentation at the Black Hat conference in Las Vegas last week, iSEC security Relevant Products/Services researcher David Thiel noted that when Web surfers go to a video content site such as MySpace or YouTube, there is no way to get the multimedia content to shut off. This lack of control represents a method that hackers could potentially exploit to install malicious software on PCs without the computer owner's knowledge.

"Thiel has been playing around with vulnerabilities that exist in the codecs for media players," explained Gartner research vice president Paul Proctor. "If you can find a vulnerability in a codec -- one that can pass executable code through to the media player -- then anybody can insert that into a Web site."

"The bad guys seem to gravitate around the porn sites, which already are all about streaming video and sound, so they are a likely place for somebody getting attacked because the criminals are already there," Proctor said. "It points to the need for the media player vendors out there to keep up to date on their patches."
More info at NewsFactor.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments