The Mac Observer

Skip navigational links

Featured Article: TMO Quick Tip - Stickies: New Notes from Selections

Symantec: QuickTime Flaw Poses Security Threat

by , 8:50 AM EST, November 26th, 2007

The security and virus protection software company Symantec is warning that Apple's QuickTime Player application may be open to malicious attacks. According to the company, both QuickTime 7.2 and QuickTime 7.3 are vulnerable to attacks that could lead to denial of service conditions or the execution of unauthorized code on the user's PC.

Symantec claims the threat stems from the way QuickTime Player handles RTSP Response headers. A specially-crafted header could create a buffer overflow because QuickTime apparently does not properly bounds-check incoming data.

The company did not state if this is a Windows-only problem, or if Mac OS X users are at risk, too. Since an attacker could use this flaw to remotely install applications without user consent, however, this is most likely a bigger threat to Windows users because Microsoft's operating systems are routinely the targets of malware and spyware attacks.

Observer Comments

Show: Subjects Only | Full Comments
Close Name:geoduck Posts: 1662 Joined: 30 Dec 2003
Subject:

Maybe QuickTime is vulnerable but I am always suspicious of warnings like this from companies that are in the business of selling security. This is especially true when they use words like 'may be open', 'could lead to', 'could create', etc. etc.

Close Name:Sir Harry Flashman Posts: 577 Joined: 08 Feb 2007
Subject: Windows only

I read over on CNET that it is a Windows only exploit.

Speaking of computer security. Did you all catch 60 Minutes last night? Hackers got into the retailer TJX computer system via poor wireless security, the stores were using WEP. Millions of credit cards and other ID info was stolen, the hackers had access for over a year.

Comment on this Article


You cannot edit your comments.   You cannot delete your comments.
Log in | Register | Having Problems? Reset TMO Cookies & Try Again
Username:   Password:   Log me on automatically each visit   

You are not logged in, and this post will appear as "Guest." Log in with your username and password from the TMO forums. If you do not have a username, you can register here.
Please note that guests are limited to including a maximum of two URLs per post.


Post A Comment
  Subject


  Your Comments



Please enter the word exactly as you see it in the image above. Registered users aren't prompted for this. Having trouble reading the image get a new one.


Recent Headlines - Updated Friday, May 9th, 2008

Fri., 6:00 PM
iPO Free on iTunes - Aussie UFOs, StrangeThings, Hometown Tales and More
5:30 PM
StrangeCharm - Fewer Particles, More Debris ( Week of May 5)
4:05 PM
MW: The New Rules for Buying a Mac
3:15 PM
OpenOffice 3.0 beta Released for Mac OS X
1:30 PM
Pogue: Time Capsule is So Simple, Just Ignore It
1:05 PM
C|Net: Why Apple Should Build a Game Console
10:45 AM
Hot Forum Topic - The iPhone's March Across the World
10:20 AM
Mailplane 2 Beta Includes OmniFocus Support
9:45 AM
iPodObserver - Apple Canada Offers $45 Credit in iPod Suit
9:05 AM
Apple Settles Power Adapter Suit
8:05 AM
Microsoft Dissolves Yahoo Proxy Board
7:30 AM
TMO Quick Tip - Tracking Application Updates in Dashboard
 

The Mac Observer Reader Specials

Apple Stock Quote

  • AAPL: $183.45. Change Today: -1.61.
  • (Prices delayed up to 20 minutes.)
  • Discuss in our Apple Finance Board

Hot Topics

Top Deals From DealsOnTheWeb