Forgot your password?
typodupeerror
Security

+ - Major QuickTime Vulnerability in Latest Version->

Submitted by
SkiifGeek
SkiifGeek writes "Less than a month after news of active OS X fake codec malware, a major vulnerability in the latest version of QuickTime (7.3, only released two weeks ago) has been discovered and has already gone from proof-of-concept exploit code to two readily available exploit samples.

With the ease by which this exploit can be integrated with media streams, it marks a greater threat for end users than a fake codec. At this stage, about the best mitigation recommended is to disable support for RTSP via the File Type / Advanced -> MIME Settings option in QuickTime's Control Panel / PreferencePane. Even though the exploit is only for Windows systems (including Vista — QuickTime apparently doesn't utilise ASLR), OS X users could be at threat from related problems, given historical RTSP vulnerabilities."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Major QuickTime Vulnerability in Latest Version

Comments Filter:

Debug is human, de-fix divine.

Working...