Tweet
Can somebody explain what exactly the critical security flaw in winamp 3 is? I keep getting a message about it when I open up Winamp
-
-
Winamp.com - Winamp Security Bulletin
Winamp Unlimited - Security Exploit Advisory
It is strongly advised to upgrade.Please do not PM me for tech support. Any request for tech support through PM will be ignored.
Read the Stickies --->
| 
| 
| 
| 
<--- Knowledge is power -
Addendum - Guide to "sidegrading" from Winamp3 to Winamp 5
Guide to "sidegrading" from Winamp3 to Winamp 5
Apparently you are using Winamp3. Incase you have any questions about switching from WA3 to WA 5...
Winamp 5 is the upgrade/continuation of Winamp 2. Winamp3 was built from the ground up as a new Winamp. It was forced into a early release and was not met by great admiration. Eventually that lead to WA3's demise. The demand for Winamp3 may have died, but the demand for free form (AKA modern) skins did not. To answer the demand, a plug-in was added to Winamp 2 that supported WA3 style (free from, modern) skins. Winamp 2 was renamed Winamp 5 (Winamp 2 + Winamp3 skin support = Winamp 5). Only Winamp 5 Full, Bundle or Pro have modern skin support.
Be sure not to install WA 5 over the WA3 directory/folder. Because WA3 and WA 5 are two different media players, installing WA 5 of WA3 can cause problems. Also, you don't need to install the Pro package if you don't want to.
Near the end of the installation process you will be asked if you want to “Upgrade the Winamp3 install to Winamp 5.x and migrate the skins to Winamp 5.x?â€
If you want to keep separate Winamp3 and Winamp 5 installations select NO. If you are sure you no longer want to use Winamp3 and want to "upgrade" to Winamp 5 select YES. Note: Selecting Yes will remove the default installation files of Winamp3 and the modern skin files (.wal) will be moved to the Winamp5 directory. What to select is up to you, however IMHO I would suggest selecting NO. That way until you learn your way around WA 5, you still have WA3 to fallback on. See screenshot/attachment: WA3toWA_5
The following is a list of various WA3 features and how to find, apply or add them
in WA 5.
Auto-Play at Startup
Try the Time Restore & Autoplay plug-in. APaS on steroids. (updated version v2.06)
Components and Add-Ons/SkinMods
Sorry, WA3 components (WA3 "plug-ins") and Add-Ons/SkinMods (individual skin scripts) are not compatible with WA 5.
Control Menu
Now called the 'Widow Settings' menu and is available in Winamp's main menu. Also available by pressing the Control Menu button or title bar icon/button for any modern skin that has it. Also, as with Winamp3, Ctrl+'Right Click' is a shortcut to the Window Settings menu. As only modern skins support opacity and scaling, the Windows Settings (AKA Control) menu is not available to classic skins.
Cross-Fade
Cross-fade is built in to the DirectSound output plug-in...- Ctrl+P
- Plug-ins > Output
- double click 'DirectSound output'
- Fading tab
- click on the various fade options of choice and click Enabled
- close out of Preferences
Learn Button
The learn button was an auto-gain/normalize feature incorporated about the time of WA3’s demise. As of Winamp 5.3, there is an optional global ReplayGain (auto-gain/normalize) feature. However, the learn button on the old Winamp3 skins does not work with Winamp 5's Replay Gain feature. Info in using WA 5 Replay Gain...
...• Winamp Tutorial: Automatic Volume Leveling in Winamp with Replay Gain
...• Winamp Help > General Preferences: Playback > Replay Gain
Playlist ManagementB4S Playlists
Pertains to WA versions prior to 5.22. Native B4S support for WA 5 was implemented as of 5.22.
If you saved Winamp3 playlist(s) as .B4S files they can not be natively read by pre 5.22 versions of Winamp. To use WA3's .B4S playlists you will need one or both of the following plug-ins...
Enqueue/Dequeue
WA 5 Full, Bundle or Pro does have enqueue function like WA3. It is part of the JTFE plug-in. In the playlist with the selection(s) highlighted Q = enueue and Shift+C = dequeue. The options can also be place on the right click menu. (Ctrl+P > General Preferences > Jump to File > Menu and Buttons tab). You can also use the Jump To Filebox (J or F3) to enqueue/dequeue.
Loaded Playlists/Sidecar/Multi Playlists
WA3's playlist sidecar (loaded playlists) was not a feature of WA 2 and thus not a native feature in WA 5.
You can have multiple playlists in the Media Library. In the playlist editor you can switch between the ML playlists by...
Click Manage Playlist (or List) button (right click if using a classic skin) > select "Open playlists from Media Library"
However, don't get too disappointed. As of Winamp 5.5 there is a WA3 style multi-playlists sidecar style feature. It is part of the new default Bento modern skin. It is available in the multi-content panel (top middle panel) and it is called 'Stored Playlists' There is also one available for the Winamp Modern skin (via a download). The "sidecar" uses the ML playlists. The Modern Default skin sidecar is available for download via the Winamp 5 Essentials Pack.
Quick Selection Box - Playlist Search Bar
Press The F3 or J key to bring up a highly functional Jump To (search) Box. Winamp Full (free), Bundle (free) or Pro supports additional Jump To box functions.
Remove Duplicates
With WA 5 Full (free), Bundle (free) or Pro - Rem button > Remove... ('Remove Misc' for classic skin) > Remove Duplicate Entries
Repeat Single File
Winamp 5 also has it and it is not borked. Read here for tips on using Repeat One in Winamp 5.
Sort Options
For additional playlist sort options try the Active Winamp plug-in. There is also a Sort by Length plug-in.
Opacity/Translucency with classic skins
Classic skins were developed before Windows 2000/XP, therefore classic skins (*.wsz) do not natively support opacity. It is the Modern skins (*.wal) that have opacity "built in". However you can get opacity/translucency effects for Classic skins with one of the following General Purpose plug-ins...- Crystal Classic Skins
adds a 'Alpha Blending' tab to Class Skins prefs menu similar to the Modern Skin prefs menu - Lucidamp
also provides addtional support for Modern Skins - TransparentFX
Skinned Menus
Try NxS Skinned Menus. Applies the skins color to Winamp's menus. A little buggy, but it works.
Skinned or Themed Preferences/Options & About Window
To get preferences and about boxes/windows in Winamp to match the current skin theme (colors, buttons), try the Skinned Preferences plug-in (updated version 0.86.1 alpha). It will also skin some standard Windows dialogue boxes, such as Open dialogue and plug-ins that use standard boxes.
Thinger
A lot of 3rd party modern skins have thinger, however classic skins and the Winamp Modern default skins do not. For a alternative/substitute try the NxS Thinger plug-in (alternate download).
Winamp Browser (AKA MiniBrowser)
The Winamp Browser is integrated into the Media Library and is called Now Playing. Best of all, unlike the WB from WA3 Now Playing has navigation buttons
.
Don't confuse the separate Station Info window with Now Playing (AKA MiniBrowser). The Station Info window is for AOL Radio XM and SHOUTcast Radio category in Streaming Media section of the ML. Alt+T key combo = Now Playing shortcut
Winamp3 Skin (one or more of the following skins)...- Winamp3 Default Skin
- wasabi player skin
- Winamp3 Classified (classic skin look-a-like)
Additional Info
Concern about "upgrading"/"sidegrading" from WA3 to WA 5 | (Taken from here)
From the Troubleshooters Sticky...Built-in crossfader issues:
Winamp3-style enqueue/dequeue, multiple playlists, sidecar etc
http://forums.winamp.com/showthread....79#post1216979
Go To Top Of Post anchors: post1504064 - features - Auto - components - ControlMenu - fade - learn - b4s - queue - sidecar - quick - search - repeat - sort - opacity - skinned - thinger - browser - skin
__________________________________________________________
thread link = http://forums.winamp.com/showthread.php?s=&threadid=197602
search keywords: Winamp3 sidegrade sidegrading side-grade side-grading upgrade upgrading guide convert B4S bpl sidecar popple loaded multi playlists search bar side bar searchbar sidebar
Please report dead or broken links via PM with the subject line Dead Links – WA3 WA 5 Guide. Links will be corrected as time allows. Don't be disappointed if you do not receive reply, so Many Thanks In Advance.
[edit > JonnyMac] Revised October 2007 [/edit]Please do not PM me for tech support. Any request for tech support through PM will be ignored.
Read the Stickies ---> | | | | <--- Knowledge is powerComment
-
thanks for the helpComment
-
Re: Winamp 3 - 5.04 Security Flaw
Hi. I get the same message and I do not wnat to upgrade to Winamp5 as it lacks the sidecar that Winamp3 has. (DrO I read is working on a sidecar for Winamp5 which I eagerly await) But for now i do not want to swap. I do not mind the security flaw in and its relation to IE as a) I do not use IE and b) IE is not allowed to access the internet via my firewalls.Originally posted by Mykeknauff
Can somebody explain what exactly the critical security flaw in winamp 3 is? I keep getting a message about it when I open up Winamp
I would like to know how to disable the popup message so that I can continue to use a nice piece of software without being nagged constantly by a silly popup.
Sorry if this is a bit ranting.
AdamComment
-
Ah. Sweet. Do you how long I have tried to find how to turn this off. It was so simple *looks embarrassed*.
Big thumbs up to you siebe83 and thanx for replying real quick.Comment
-
Thanks, I was actually wondering that myself, as I would prefer to keep winamp 3 (It ain't broke, so why fix it) and also do not use internet explorer.Comment
-
a few questions.
-are the earlier winamp versions vulnerable?
-do i have anything to worry about from earlier versions on winamp?
-can you suggest on how to fix, if this problem happens?
-do you only suggest, and to urge an upgarde?
thanks, the previous message is below.
- http://www.winamp.com/about/article.php?aid=10605
Winamp Security Bulletin
Published: Aug. 27, 2004
By Steve Gedikian
Nullsoft has issued a fix for a newly discovered security vulnerability affecting Winamp 3.0, 5.0 and 5.0 Pro or newer.
The vulnerability takes advantage of the Winamp Skin installer mechanism coupled with a security hole within the Internet Explorer browser.
To be vulnerable, a user must navigate to a specifically crafted web page which automatically installs a malicious Winamp Skin.
This skin launches an embedded Internet Explorer browser within the Skin using a feature of the Winamp Modern Skin Engine.
This malicious Winamp Skin then uses the browser to launch a malicious application bundled within the skin.
There have been reports of this exploit in use on the web to automatically install Adware or Spyware applications without the users consent.
Winamp 5.05 resolves this exploit in two ways:
Winamp will now prompt all users with a confirmation window before installing any skins.
Winamp will now only extract files considered low risk before loading a Winamp Skin.
We strongly urge ALL Winamp users to upgrade to Winamp 5.05 immediately.
Go to the Winamp Player download page to download the latest version of the Winamp.Comment
-
yes, upgradeNever underestimate the bandwidth of a station wagon full of tapes hurtling down the highway.Comment
-
upgrade to the latest version of winamp is the advice which will be given since only the current version is supported (note that does not include Winamp3 or any of the old 2.x versions seeing as 5.x is an upgrade of 2.x)
-dazComment
Comment