Symantec: QuickTime Flaw Poses Security Threat
Symantec: QuickTime Flaw Poses Security Threat
by , 8:50 AM EST, November 26th, 2007
The security and virus protection software company Symantec is warning that Apple's QuickTime Player application may be open to malicious attacks. According to the company, both QuickTime 7.2 and QuickTime 7.3 are vulnerable to attacks that could lead to denial of service conditions or the execution of unauthorized code on the user's PC.
Symantec claims the threat stems from the way QuickTime Player handles RTSP Response headers. A specially-crafted header could create a buffer overflow because QuickTime apparently does not properly bounds-check incoming data.
The company did not state if this is a Windows-only problem, or if Mac OS X users are at risk, too. Since an attacker could use this flaw to remotely install applications without user consent, however, this is most likely a bigger threat to Windows users because Microsoft's operating systems are routinely the targets of malware and spyware attacks.
Observer Comments
Mon Nov 26, 2007 12:56 pm Subject: Windows only
I read over on CNET that it is a Windows only exploit.
Speaking of computer security. Did you all catch 60 Minutes last night? Hackers got into the retailer TJX computer system via poor wireless security, the stores were using WEP. Millions of credit cards and other ID info was stolen, the hackers had access for over a year.
Comments are currently closed. Please email the author instead.
Recent Headlines - Updated November 21st
- Fri, 7:07 PM
- Games - Soccer Sim Championship Manager 2010 Released for Mac
- 6:47 PM
- Games - EA Publishes Original Monopoly for iPhone
- 6:15 PM
- News - Original Apple I on Ebay for $50K, w/Letter from Steve Jobs
- 6:11 PM
- Games - New iPhone Games: Secret of the Lost Cavern Ep 1, New DJ Nights, More
- 5:47 PM
- Games - Star Trek D-A-C Game Headed to the Mac Next Month
- 4:57 PM
- Product News - TidBITS Releases “Take Control of Syncing Data in Snow Leopard”
- 4:26 PM
- John Martellaro's Blog - Particle Debris (week ending 11/20) Stationery Pads Go Poof
- 2:59 PM
- Free on iTunes - Musée du Louvre, Art Lite, SketchBook Mobile X and More.
- 1:50 PM
- Deal Brothers - Acer P215H bmid 21.5” Widescreen LCD Monitor: $139.99
- 11:24 AM
- TMO Appearances - Jeff Gamet Shares More Holiday Gift Ideas on MacJury
- 10:43 AM
- Product News - Cocktail 4.5 for Leopard Adds QuickLook Cache Clearing
- 10:06 AM
- News - Hack Enables Mac OS X 10.6.2 on Netbooks
The Mac Observer Reader Specials
- TypeStyler For Mac OS X is Now Shipping! Download The Free Fully Functional 60 Day Tryout at www.typestyler.com
OWC: Get the Right Memory for Your Mac Top Quality, Competitive Price, Lifetime Backed Free Expert Support + Installation Videos too! MacBook & mini 8GB, iMac 16GB, Mac Pro up to 32GB. Click here
If you're using a Mac, then you've gotta check out Full Tilt Poker for Mac. This Full Tilt Poker bonus code does the unthinkable, it actually rewards!For the latest Apple products use Ciao, a price comparison website, to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate mobile phones like the Apple iPhone.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
