<div class='os_post_top_link'><a href='http://www.eweek.com/article2/0,1759,1731923,00.asp' target='_blank'>http://www.eweek.com/article2/0,1759,1731923,00.asp</a><br /><br /></div><i>'Users of America Online Inc.'s Winamp media player are at risk of remote code execution attacks because of a flaw in the software, according to a warning from a security research firm. The flaw, which Secunia rates as "highly critical," has been reported in Winamp versions 5.05 and 5.06. Prior versions also may be affected. Security-Assessment.com, which is credited with finding the vulnerability, said a malicious hacker could cause a buffer overflow in various ways, the most dangerous being through a malformed .m3u playlist file. "When hosted on a Web site, these files will be automatically downloaded and opened in Winamp without any user interaction. This is enough to cause the overflow that would allow a malicious playlist to overwrite EIP and execute arbitrary code," the company said."</i><br /><br />Between this and previous news that WinAMP development has ceased, it's not looking good for the once popular and pioneering media player for Windows. :? <br /><br /><img src="http://www.digitalmediathoughts.com/images/winamp.gif" />