The Joy (?) of Plug-In Patching
It looks like we are having a “fry the end users” week. FlashPlayer, RealPlayer and QuickTime all have vulnerabilities that allow remote code execution. The timing is important, unfortunately. These browser plug-ins are very popular, and I would bet most users have all of them installed. RealPlayer and QuickTime have automatic updaters, so a fair share of users is going to be protected quite soon. FlashPlayer has to be updated through a separate download, so it will take a while before that fix gets around.
The important thing to realize is that for any given site a user visits, there is currently a rather high probability that at least one of these plug-ins is vulnerable to attack. There is a window of opportunity of a few weeks, perhaps months, when attackers can penetrate most end-user PCs. This is not good. If I can see this coming, so can the attackers.
Update your plug-ins NOW!