Winamp users warned of "extremely critical" hole

Nullsoft has released an update to Winamp to fix a serious security vulnerability that opened up systems to remote attack.

The company posted version 5.13 of the media player online on Monday after Secunia and other security companies issued alerts about the problem. Malicious software exploiting the "extremely critical" flaw was already circulating on the internet, according to Secunia's advisory.

The security hole, found in the latest version of Winamp 5.12, could lead to malicious attackers taking remote control of a Winamp user's system. Earlier versions of the media player may also be affected, Secunia said.

Even though the security company gave the vulnerability its highest rating for software threats, it noted that the number of people who use Winamp has declined over the years, so the scope of the problem is not as large as it once might have been.

Thomas Kristensen, Secunia's chief technology officer, said: "Winamp used to be the world's most popular MP3 player and is still quite popular but as Windows Media Player has gotten better, some users have migrated over."

The vulnerability could be exploited when a Winamp user visits a malicious website and a tainted media file is launched onto the person's system. A buffer overflow is triggered, which allows the attacker to take control of the computer without being constrained by security measures, Kristensen noted.

He said: "We aren't aware of any systems that have been compromised yet but it's likely to happen since there's exploit code out."

The update from Nullsoft, a division of AOL, has been made available for download at the Winamp website.

The vulnerability, initially discovered by Atmaca, is not the first to be found in the Winamp software. In late 2004, a highly critical flaw was found in the playlist files for the Winamp player.

Dawn Kawamoto writes for CNET News.com