“Hackers now have sample attack code for the newest QuickTime vulnerability that can hijack Macs, including machines running the latest flavor of Mac OS X, Leopard, security researchers warned today,” Gregg Keizer reports for Computerworld.
“The news came just days after a bug in QuickTime’s handling of the Real Time Streaming Protocol (RTSP), an audio/video-streaming standard, was disclosed on the milw0rm.com Web site. Proof-of-concept exploit code that worked against Windows XP SP2 and Windows Vista followed shortly after,” Keizer reports. “But even though analysts confirmed on Monday that Mac OS X versions of QuickTime 7.2 and later are also vulnerable, it took several more days for other researchers to craft a reliable exploit.”
“According to the proof-of-concept, the Metasploit module works on Intel- and PowerPC-based Macs running either Mac OS X 10.4 (Tiger) or 10.5 (Leopard). It also executes on PCs running Windows XP SP2,” Keizer reports.
“Symantec urged users to disable Apple QuickTime as an RTSP protocol handler and filter outbound traffic over the most common (but not the only available) ports used by RTSP, which include TCP port 554 and UDP ports 6970-6999,” Keizer reports. “Apple has not yet issued a fix for the QuickTime RTSP bug, but when it does, the update will be the media player’s seventh security-related fix this year.”
Links and more details in the full article here.