AfterDawn: Tech news
AfterDawn > News > New Quicktime vulnerability allows malicious attack

New Quicktime vulnerability allows malicious attack

Written by Dave Horvath @ 02 Jan 2007 10:34 User comments (6)

New Quicktime vulnerability allows malicious attack A newly discovered vulnerability in Apple's Quicktime application could allow your computer to be open to specific attacks. Currently unpatched, this vulnerability appears to effect version 7.1.3.100 for the Windows client and is reported to effect the Macintosh OSX version as well.
The vulnerability uses a flaw in the RTSP (Real Time Streaming Protocol) handling part of the code. If a user were to retrieve a streaming video that contained more than 256 bytes in the "src" portion of the URL, this would then compromise the machine. A successful attack then allows malicious code to be processed on the user's computer. No word yet on a patch.

Source:
Secunia

<75 million PS3 units sold by 2010? >IGA Europe boss says in-game ads help developers retain IP
Previous Next  

6 user comments

12.1.2007 10:52
rav009
Send private message to this user
Senior Member

<---- Updates his security software and hopes for the best until a patch is out.

22.1.2007 11:09
halfhere
Send private message to this user
Member

looks likes macs won't be "virus free" now

32.1.2007 12:53
CiDaemon
Send private message to this user
Member

Just because a vulnerability exists, that doesn't mean that virus coders will jump on it. Why write viruses that only effect 3% of the population? Until malicious coders feel that Apple computers make up a large enough population that it would be worth it, no one will bother.

42.1.2007 16:23
akaangus
Send private message to this user
Member

"Until malicious coders feel that Apple computers make up a large enough population that it would be worth it, no one will bother."

How many iTunes users are out there? Millions I'm sure. That's how many people and more this exploit will affect.

Although this is not a system virus, macs are not quite relatively virus "free", there has always been Mac office exploits out there. I think there was another last week, as well as Java and Flash exploits that have always been around and can still affect macs. Remember in the old SE days the renaming of the Hard Drive ".sony"?

I am a linux user and only have QT on Wine through CrossOver so this doesn't really affect me anyways.

(edited for grammar)

This message has been edited since its posting. Latest edit was made on 02 Jan 2007 @ 4:25

52.1.2007 19:21
gogochar
Inactive

Quote:
looks likes macs won't be "virus free" now
Macs have always had viruses. It's just that they are built better than Windows.

62.1.2007 20:59
CiDaemon
Send private message to this user
Member

"How many iTunes users are out there? Millions I'm sure. That's how many people and more this exploit will affect. " The exploit is within Quicktime, not iTunes. Granted, they install together, but few use QT; iTunes is the real draw. There are plenty of iTunes users out there, but that's not what I said. Remember that I said Apple computers, not Apple software. There are plenty of hacks/viruses/etc. that exploit apple software-but only when it's released for windows. I never said this exploit wouldn't be used by people writing malicious code on a PC. I said no one will bother exploiting it for Mac.

Comments have been disabled for this article.

Latest news

Netflix buys HBO and Warner Bros studios Netflix buys HBO and Warner Bros studios (05 Dec 2025 8:04)
Netflix has won the bidding competition for media giant Warner Bros and will acquire HBO as well as the Warner Bros film studios.
Massive Android 0-day vulnerability found - here's what you should do immediately Massive Android 0-day vulnerability found - here's what you should do immediately (08 Nov 2025 5:35)
A very serious security flaw has been found in the Android operating system, allowing malicious code to be executed on a phone or tablet.
Review: Roborock Saros Z70 - robot vacuum with an arm Review: Roborock Saros Z70 - robot vacuum with an arm (20 Oct 2025 6:13)
In out in-depth review of Roborock Saros Z70 we put the robot vacuum through a 3 month test period, where we observed its work in normal home. The sci-fi -like arm of Z70 was a little bit disappointing, due its limited functionality.
End of an era: TiVo stops making DVRs End of an era: TiVo stops making DVRs (14 Oct 2025 4:12)
TiVo, once synonumous with digital TV recording in the United States and in select other countries, has stopped making DVR devices as of October, 2025.
Strava takes Garmin to court Strava takes Garmin to court (02 Oct 2025 2:30)
The world's perhaps best-known sports app developer Strava has filed a lawsuit against American sports watch manufacturer Garmin, accusing the company of patent infringement.
1 user comment

Reviews

Review: Roborock Saros Z70 - robot vacuum with an arm Review: Roborock Saros Z70 - robot vacuum with an arm
In out in-depth review of Roborock Saros Z70 we put the robot vacuum through a 3 month test period, where we observed its work in normal home. The sci-fi -like arm of Z70 was a little bit disappointing, due its limited functionality.
Roborock Saros 10 review - Great, but not perfect Roborock Saros 10 review - Great, but not perfect
We tested Roborock Saros 10 robot vacuum for more than two months in order to see whether it is really worth its hefty price tag. The mopping, self-emptying Saros 10 was mostly great, even perfect. But its object avoidance was bit disappointing.
1 user comment
Roborock S8 MaxV Ultra review - obstacle avoidance doesn't work as it should, otherwise almost perfect robot vacuum Roborock S8 MaxV Ultra review - obstacle avoidance doesn't work as it should, otherwise almost perfect robot vacuum
We put the Roborock S8 MaxV Ultra through a very, very long review process. The $1800 mopping robot vacuum is almost perfect, but its obstacle avoidance was surprisingly bad, considering the price - and compared to its competitors.

Guides

What IP rating for dust and water resistance means What IP rating for dust and water resistance means
An IP classification (such as IP68) is given to mobile phones, Bluetooth speakers, and other devices, but what do these classifications mean?
1 user comment
What happens if you don't update Android? What happens if you don't update Android?
Sometimes it can be tempting to avoid updating to a new Android version. What happens if you decide to delay major updates to the OS?
Does your phone rattle? Here's why it happens Does your phone rattle? Here's why it happens
When you shake your phone and hear a light rattle, clatter, or jingle, it's likely not broken. The culprit is probably the optical image stabilization (OIS) system in your phone's camera, meaning everything is functioning as it should.
2 user comments
Guide: Is Your Wi-Fi Sluggish or Slow? Here's How to Fix Guide: Is Your Wi-Fi Sluggish or Slow? Here's How to Fix
Do you have problems with you Wi-Fi? Slow connection or is it cutting off constantly? This guide aims to remedy these problems.
1 user comment
GUIDE: Wi-Fi speeds are slow? Here are some tips GUIDE: Wi-Fi speeds are slow? Here are some tips
Having problems with Wi-Fi speed and stability at home? Here are some tips to follow to alleviate the issues.
1 user comment

News archive

Sections:

Follow us:

© 1999-2025 AfterDawn Oy. All rights reserved
Back to Top ⇧
AfterDawn is powered by Powered by UpCloud