Posted on 12/21/2005 10:45:03 PM PST by Bush2000
iTunes and QuickTime flaw detailed
By Joris Evers, CNET News.com
Published on ZDNet News: December 21, 2005, 2:47 PM PT
Don't open media files from sources you don't trust--it may lead to your computer being hacked, a security researcher has warned.
Tom Ferris, an independent security researcher, has provided more details on a security flaw in Apple Computer's popular iTunes and QuickTime software that could put systems running Windows and Mac OS X at risk of attack. He first disclosed the flaw in early December.
An attacker could commandeer a vulnerable computer by tricking a user into opening a malicious ".mov" media file, the Mission Viejo, Calif.-based bug hunter said in an advisory posted on his Security-Protocols.com Web site late Tuesday.
"The vulnerability allows an attacker to cause the program to crash and could allow the execution of arbitrary code," Ferris said. "The flaw exists in all current and earlier versions of iTunes and QuickTime."
Security-monitoring company Secunia rates the issue "moderately critical", while the French Security Incident Response Team, a research outfit, tags it "critical." Apple did not respond to a request seeking comment.
You're kind of scary. Do you work for Microsoft? Is this all you post about?
I wonder how difficult it must be to exploit.
It "may" lead to your computer being hacked and "could" allow the execution of arbitrary code - sounds like they have yet to prove their case.
But it's still closed-source, so how can you tell? ;-)
Wow. It didn't take long for the personal attacks to begin. Guess some people don't understand the whole don't shoot the messenger" thing.
bttt
Quick time AND mediaplayer manage to get themselves into the startup in scurrilous ways...go to 'magage add-ons' for XP, or msconfig for all OS to check out what's starting up. Bastids.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.