Problem playing an avi file
vvmarko at gmail.com
Thu Jul 15 14:46:00 UTC 2010
On Thursday, July 15, 2010 15:18:58 Alan Cox wrote:
> On Thu, 15 Jul 2010 14:57:16 +0100 Marko Vojinovic <vvmarko at gmail.com>
> > It's a hoax, coupled with propaganda. The very same thing happens even if
> > you actually use Windows Media Player to play the file, on a Windows
> > machine.
> > I didn't try to scan it for viruses/trojans/worms/malware/etc., because I
> > believe you cannot get infected by playing a movie in mplayer (unless
> > mplayer has some serious security exploit that nobody is aware of). So
> > just drop that file and go find a genuine one.
> There have been numerous exploits against video codecs, and fuzz testing
> codecs is .. interesting. The players may well have the odd bug but the
> codecs tend to parse extremely complex compressed data streams from an
> untrusted source, have to do it at high speed and seem to be the main
> source of holes.
> Whether a Windows exploit would work on a non Windows box who knows. It
> may well be the message is because it contains a trojan that *only* works
> in a specific player/codec combination.
Right, so this is not propaganda, but rather instructions which player/codec
combination is vulnerable to the trojan attack. The user sees the message,
tries to play the file in the appropriate player with appropriate codec, and
--- sees the same message yet again, but gets infected in the process. Nifty
So, as long as one *doesn't* follow the instructions on the screen, everything
is ok. :-) Linux players like mplayer, vlc, and others are most probably
immune to this, so no problem there.
Luckily, the Windows machine I tried it on is a virtual one (ie. disposable).
More information about the users