Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
BLACK FRIDAY DEAL: Trust the World's Fastest VPN with Your Internet Security & Freedom--A Lifetime Subscription of PureVPN at $48 with coupon code "BFRIDAY20" ×
Security

Submission + - Major QuickTime Vulnerability in Latest Version (beskerming.com)

SkiifGeek writes: "Less than a month after news of active OS X fake codec malware, a major vulnerability in the latest version of QuickTime (7.3, only released two weeks ago) has been discovered and has already gone from proof-of-concept exploit code to two readily available exploit samples.

With the ease by which this exploit can be integrated with media streams, it marks a greater threat for end users than a fake codec. At this stage, about the best mitigation recommended is to disable support for RTSP via the File Type / Advanced -> MIME Settings option in QuickTime's Control Panel / PreferencePane. Even though the exploit is only for Windows systems (including Vista — QuickTime apparently doesn't utilise ASLR), OS X users could be at threat from related problems, given historical RTSP vulnerabilities."

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Major QuickTime Vulnerability in Latest Version

Comments Filter:

Real computer scientists don't program in assembler. They don't write in anything less portable than a number two pencil.

Working...