Spyware tunnels in on Winamp flaw

Earlier this week, security companies warned that attack code for exploiting the flaw was circulating on the Internet. On Thursday, Sunbelt Software said it had found a Web site hosting a malicious Winamp playlist file. Opening the file loads spyware onto an unwitting user's PC, it said.

"After surfing to a malicious Web site on our test machines, the file 'x.pls' begins to download," Sunbelt's Adam Thomas wrote in a posting on the anti-spyware software maker's corporate blog. "Almost immediately, Winamp starts to execute the play list and remote code execution begins." Spyware tunnels in on Winamp flaw | CNET News.com

Linked by shanmuga Saturday, 4th February 2006 2:22AM