According to Symantec, the latest threat exploits a recently discovered RealPlayer vulnerability in an ActiveX object in the RealPlayer component ierpplug.dll. The flaw allows the download and the execution of Trojan.Zonebac. Eventually, the attacker can take the complete control of the infected system.

Symantec stresses out that a successful attack doesn’t require the user to run RealPlayer. Simply the fact that you have the software installed will start the attack when a malicious page is being visited. The flaw is known to affect RealPlayer 11 Beta and RealPlayer 10.5; older versions may also be vulnerable.

In an ironic note, don’t worry about having the malware on your computer and not knowing it: a clip named "videotest" from the "My Library" folder will be played.

RealNetworks has issued a patch for this flaw, available here.