On Wednesday, security company Secunia revealed that a new security vulnerability was discovered in Real Player and IE, where hackers can borrow RealMedia (.rm) files to open local files on browsers with RealPlayer installed.
This vulnerability exists in RealPlayer with version number 10.5 (build 6.0.12.1056), which contains Plus and Basic versions, and is available on Windows, Mac OS X, Linux, Unix, Palm OS, and Symbian OS. However, past versions do not rule out the possibility of being infected. Secunia pointed out that malicious users can create a website that can load HTML documents of local machines through special RealMedia files. If the user uses IE with RealPlayer, the hacker can force the local file to be opened automatically.
Secunia recommends that RealPlayer users avoid opening RealMedia (.rm) files from distrustful websites, and block the browser's ability to automatically open these files.