toggle

AAPL Stock: 112.46 ( -0.19 )

Printed from http://www.macnn.com

Anti-hacker features added to QuickTime

updated 02:15 pm EDT, Tue April 8, 2008

QuickTime security

Apple's recent QuickTime 7.4.5 release includes exploit prevention mechanisms designed to block attacks from hackers, according to a recent report from eWeek. QuickTime for Windows Vista now features ASLR (address space layout randomization), technology that randomly arranges key data addresses to prevent developers of malware from predicting targets. ASLR is already used by Mac OS X Leopard to reduce the effectiveness of exploit attempts.

QuickTime 7.4.5 also includes a patch that fixes an issue related to the SHA-1 checksum, which is related to protecting files with 160-bit encryption. Also included are stack buffer safety checking (-fstack-protector to gcc) and function call hardening, may work to prevent buffer overflows.

eWeek quotes Dino Dai Zovi, a hacker who has written multiple exploits for QuickTime: "That's a pretty big change for a point release. They [Apple] have way more guts than many other software companies to do something like that. Either that, or they are afraid of the backlash if malware starts targeting QuickTime and iTunes in a more serious way."




by MacNN Staff

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented