Symantec: QuickTime Flaw Poses Security Threat
Symantec: QuickTime Flaw Poses Security Threat
by , 8:50 AM EST, November 26th, 2007
The security and virus protection software company Symantec is warning that Apple's QuickTime Player application may be open to malicious attacks. According to the company, both QuickTime 7.2 and QuickTime 7.3 are vulnerable to attacks that could lead to denial of service conditions or the execution of unauthorized code on the user's PC.
Symantec claims the threat stems from the way QuickTime Player handles RTSP Response headers. A specially-crafted header could create a buffer overflow because QuickTime apparently does not properly bounds-check incoming data.
The company did not state if this is a Windows-only problem, or if Mac OS X users are at risk, too. Since an attacker could use this flaw to remotely install applications without user consent, however, this is most likely a bigger threat to Windows users because Microsoft's operating systems are routinely the targets of malware and spyware attacks.
Observer Comments
Mon Nov 26, 2007 12:56 pm Subject: Windows only
I read over on CNET that it is a Windows only exploit.
Speaking of computer security. Did you all catch 60 Minutes last night? Hackers got into the retailer TJX computer system via poor wireless security, the stores were using WEP. Millions of credit cards and other ID info was stolen, the hackers had access for over a year.
Comments are currently closed. Please email the author instead.
Recent Headlines - Updated July 9th
- Thu, 4:29 PM
- News - SEC Investigating Jobs Health Disclosures
- 3:50 PM
- Ted Landau's User Friendly Blog - User Interface Blues
- 3:42 PM
- Reports - Chrome OS Complicates Apple & Google Boards of Directors
- 1:08 PM
- Deal Brothers - Life ‘09 Software Drops to $59.99 Delivered
- 11:06 AM
- News - TechRestore Posts Stop-motion iPhone 3GS Breakdown
- 10:17 AM
- Hot Forum Topic - Parallels versus Fusion: Reader Favorites
- 9:32 AM
- Product News - LaCie Unveils LaCinema Rugged HD Multimedia Hard Drive
- 8:54 AM
- Product News - CheckUp 2.5 Adds Snow Leopard, New Mac Support
- 8:37 AM
- News - Latest Microsoft Ad Hits at MacBook Price Again
- 8:06 AM
- TMO Appearances - TMO’s Jeff Gamet Dives into Social Media at CoMUG
- 7:30 AM
- The Back Page - Looking Ahead at the App Store’s Future
- Wed, 6:48 PM
- Games - Pipe Mania Puzzle Game Released for Mac, iPhone
The Mac Observer Reader Specials
- Download Typestyler, still the Ultimate Styling Tool for Internet, Print and Video Graphics. Works great in Classic with a Native OS X Version on the way. Free Tryout: www.typestyler.com
OWC: Big Drives, High Performance - Not High Prices! SATA 3.5" up to 1.5TB. Notebook up to 500GB. FW up to 6.0TB. 1.0TB Drive Models from as low as $97.99 www.MacSales.com
If you're using a Mac, then you've gotta check out Full Tilt Poker for Mac. This Full Tilt Poker bonus code does the unthinkable, it actually rewards!
RamJet Memory: MacBook and MacBook Pro 4GB kits for $57.99! Mac Pro 4GB Kits $99.99! iMac and Mac mini 4GB Kits for $57.99! 1TB SATA Hard Drives for $109.99! Click hereFor the latest Apple products use Ciao, a price comparison website, to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate mobile phones like the Apple iPhone.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
