toggle

AAPL Stock: 112 ( -0.65 )

Printed from http://www.macnn.com

QuickTime exploit circulates on Web

updated 01:20 am EST, Fri November 30, 2007

QuickTime 7.2 exploit

Symantec has notified DeepSight customers that a bug in QuickTime's Real Time Streaming protocol can lead towards the execution of malicious code on any computer running QuickTime 7.2 or later, and that a working proof-of-concept set of code being circulated on the internet. Computerworld reports that the bug was originally posted on milw0rm.com, and that the exploit code had worked when tested against Windows XP and later in Vista. Mac OS X 10.4 Tiger and 10.5 Leopard are said to be vulnerable as well, but took considerably more time for researches to craft a reliable, working exploit.

Apple has not commented on the issue, or supplied a patch for the bug, but Symantec urges QuickTime users to disable Quicktime as an RTSP protocol handler, which should prevent code from being triggered. Symantec also notes that the bug relies on TCP port 554 and UDP ports 6970 - 6999, and that filtering options should be enabled on those ports.

Early Thursday, SonicWALL announced that its Unified Threat Management technology has been updated to understand and prevent the threat posed by Quicktime, while Heiss Security discovered a flaw with Leopard's quarantine system.




by MacNN Staff

toggle

Comments

  1. horvatic

    Joined: Dec 1969

    0

    We've heard it all before

    We've heard it all before. Proof of concepts by the very people who make anti-virus software. Which means they just want to sell you there product and that's all the proof they want. Every supposed proof of concept has been totally wiped as pure FUD. This probably will be too. Now if it was a Windows OS hackers would have already compromised millions of PC's. But it's not, and to date nothing has happened. Unix is very strong in security even if there is a compromise it isn't nearly as easy to exploit it because Unix was built with security first not as an after thought.

  1. robttwo

    Joined: Dec 1969

    0

    This one is real

    Not the one in the article - that's the usual dogshit. I mean this new exploit that hasn't been mentioned:

    If you leave your MAC on, irregardless of what system is running, and someone comes over and unplugs your machine - IT WILL TURN OFF. There is no known way to fix this exploit, and I have the proof of concept right here.

    Doofuses.

  1. lancelott

    Joined: Dec 1969

    0

    I agree with robttwo

    Lets alert Apple! ^^

    ;-)

  1. fubar_this

    Joined: Dec 1969

    0

    Yes it is a big deal

    Perhaps you are just ignorant but this is a rather severe vulnerability. Using a simple invisible (1 px) IFRAME on a hacked Web site, anybody that visits a compromised Web site using Firefox and Safari 2 gets compromised. That's a pretty bad vulnerability.

    And if you think "I'll never visit a bad Web site like that", remember in Feb 2007 the Dolphin Stadium Web site was hacked a week before the Superbowl. Using a buffer overflow in ActiveX several hundred thousand PCs were infected.

    Also let's remember that QuickTime was responsible for the largest worm of 2006 (JS.QuickSpace, http://www.securityfocus.com/brief/375). So maybe we _should_ alert Apple.

  1. fubar_this

    Joined: Dec 1969

    0

    oh and

    As stated very clearly in the article, the vulnerability and exploit are posted on milw0rm.com, a blackhat Web site. It wasnt published by any antivirus company. milw0rm.com commonly contains exploits that are used in rootkits, virus creation tools, etc. Rest assured they are not an antivrus company. Should read the article first.

  1. robttwo

    Joined: Dec 1969

    0

    fubar_ass

    And exactly how many MAC users have been affected by this...?

    Doofuses.

  1. fubar_this

    Joined: Dec 1969

    0

    robnitwit

    Why does the number of Mac (MAC? wtf?) users affected matter? It's a major security vulnerability in Apple's software that has been exploited. Only because Apple has a small marketshare this hasn't affected many people. You're happy because of this?

    PS: Looks like exploits are already being used: http://blog.secondlife.com/2007/11/30/second-life-viewer-susceptible-to-quicktime-security-flaw/

  1. robttwo

    Joined: Dec 1969

    0

    Ohhhhhhh

    I see where you spend your obviously valuable time. So - lots of machines being "infected" by this? Taken over? Destroyed? Used as viral festering grounds?

    Again - I can crash your machine anytime I want. Just let me walk over to it.

    Doof (a******) uses.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented

 
toggle

Popular News