New QuickTime bugs crawl into the open

A security researcher today revealed new and unpatched bugs in the Windows version of Apple Inc.’s QuickTime, just a week after the company plugged a hole known for nearly a month. Laurent Gaffie posted details of vulnerabilities in five functions of a QuickTime ActiveX control to the Full Disclosure security mailing list yesterday, along with proof-of-concept exploit code.

Gaffie said the attack code works against the newest edition, 7.4.1, which Apple issued only last week to patch a flaw in the player’s handling of the Real-Time Streaming Protocol (RTSP). Because the vulnerabilities are in an ActiveX control, the Microsoft technology most commonly used in Internet Explorer (IE) plug-ins, only Windows users are at risk. QuickTime is very common on that platform, however, since it is installed alongside Apple’s popular iTunes music software.

Symantec Corp. warned that in-the-wild attacks would probably pop up shortly. “Historically, QuickTime vulnerabilities are actively exploited shortly after they are publicly disclosed,” the company said in an alert to customers of its DeepSight threat network. “We expect to see functional exploit code and active targeting of these issues shortly.” An attack could hijack the PC or crash IE, Symantec added.

“Attackers can exploit these issues to execute arbitrary code within the context of the application that invoked the ActiveX control (typically Internet Explorer) and failed exploit attempts will result in a denial-of-service condition,” the warning continued. Gaffie’s revelations added to QuickTime’s problems and marked yet more vulnerabilities in ActiveX controls. Apple’s media player was patched 34 times last year and is on a pace to best that during 2008.
