Mac security vendor Intego has claimed that any exploit that targets a Windows computer will also affect Macs. Apart from the relatively trivial case of an exploit intended only to crash QuickTime, this may not be true. While the vulnerability may be cross-platform, an exploit would need to be targeted to an operating system. That said, writing an exploit that takes advantage of a shared vulnerability to deliver system-specific payloads is an established technique.
Archives for QuickTime category
But unlike the previous exploit, this one is easily avoided. If AV software doesn’t recognise it as Trojan.Quimkids , then disabling QuickTime as an RTSP protocol handler and the QuickTime ActiveX controls in Internet Explorer will ensure that the exploit will not work. In Firefox, the QuickTime plug-ins can be disabled.
Networking security hardware manufacturer SonicWALL recently announced that it has distributed defensive measures to users of it’s Unified Threat Management technology, against zero-day vulnerability exploits found in QuickTime. Malicious websites are able to create a stack-based buffer overflow in Apple’s media player, by providing a phony movie file that, when activated, executes a series of code that allows a users machine to be taken over.
A vulnerability in the QuickTime media player discovered late last month has been exploited to steal virtual currency in the game Second Life (called “Linden Dollars”), a significant problem since Linden Dollars can be converted into US dollars, with an exchange rate of about 250 Linden to one US dollar.
The popular QuickTime Player was patched, and once more is leaking. This time public code exists for the exploit, and Apple has no patch (a zero-day exploit). The exploit crashes ActiveX, but the Firefox browser passes the code on to QuickTime, making that platform a bit more vulnerable than MSIE (for a change). You can read Symantec’s description HERE .
MacPro Memory With Apple Spec Heat Sink 1GB Kit $98 / 2GB Kit $174 / 4GB Kit $342 Click to Maximize your Macs…FastMac: Performance Upgrades Designed to Extend the Life of Your Current Mac. Easy to Install. Easy to Afford. Hard to Live Without. Painless Evolution. Click here. Mac observers can now play Party Poker for Mac as well as Mac casino games by going to MacPokerOnline.com.
Apple has had to fix dozens of flaws in its QuickTime player this year. In an update released at the beginning of this month, the company patched up seven security holes in the media player. The following week, the company patched 41 other vulnerabilities in software that ships with its Mac OS X operating system.
Exploit for QuickTime vulnerability in circulation
Posted on 2007 under QuickTime | No Comment26 Nov
The company says the proof of concept is a successful web attack when received by Firefox, which passes the RTSP requests to QuickTime Player. Internet Explorer and Safari use a plug-in to handle QuickTime items, and the exploit triggers their overflow protection mechanisms. Symantec suggests this shortcoming might be overcome with more effort.
Yet another critical vulnerability in Quicktime 7.3
Posted on 2007 under QuickTime | No Comment26 Nov
Demo programs that reportedly demonstrate the vulnerability have already popped up in the milw0rm archive. Until Apple releases a patch for this vulnerability, the only workaround for the playback of RTSP streams is to use other software or to restrict the use of streaming data via the firewall. Users are also advised to be careful with QuickTime Link files (.qtl), which can also reference RTSP sources. Apple released version 7.3 only a few weeks ago.