Kyle SGMS used our newssubmit to tell us about an article over at ZDNet.com mentioning a glitch with the popular WinAmp software could allow an attacker to embed malicious code into an MP3 file, potentially damaging the user's PC and infecting other MP3s.
The weakness is particularly dangerous because MP3 files are generally considered safe, and hundreds of thousands of users frequently trade them with unknown Internet users via file-swapping services such as Kazaa and Morpheus.
A bug in the code of WinAmp 2.79 allows a specially formed data tag in an MP3 file to cause a buffer overrun in the application, which could be exploited to run any piece of code the attacker wishes. The glitch was posted to the BugTraq security mailing list on Friday by Andreas Sandblad, a Swedish engineering student.
According to Sandblad, the buffer overflow occurs when the URL to be sent to the minibrowser is created, meaning that the exploit can be carried out even if an Internet connection isn't present. However, disabling the minibrowser prevents the attack.
Since the attacker can cause any code to be executed on the user's computer, a virus could potentially be spread by altering the ID3v2 tags of other MP3 files on the hard drive or networked drive, which could then be spread to other users.
Even MP3 files aren't safe anymore... Like said in the article the latest WinAmp version 2.80 does not have this problem anymore. If you want to upgrade your WinAmp version I suggest you point your web browser to www.winamp.com.
Source: ZDNet.com
