Mac OS X QuickTime proof-of-concept exploit code emerges

“Hackers now have sample attack code for the newest QuickTime vulnerability that can hijack Macs, including machines running the latest flavor of Mac OS X, Leopard, security researchers warned today,” Gregg Keizer reports for Computerworld.

“The news came just days after a bug in QuickTime’s handling of the Real Time Streaming Protocol (RTSP), an audio/video-streaming standard, was disclosed on the milw0rm.com Web site. Proof-of-concept exploit code that worked against Windows XP SP2 and Windows Vista followed shortly after,” Keizer reports. “But even though analysts confirmed on Monday that Mac OS X versions of QuickTime 7.2 and later are also vulnerable, it took several more days for other researchers to craft a reliable exploit.”

“According to the proof-of-concept, the Metasploit module works on Intel- and PowerPC-based Macs running either Mac OS X 10.4 (Tiger) or 10.5 (Leopard). It also executes on PCs running Windows XP SP2,” Keizer reports.

“Symantec urged users to disable Apple QuickTime as an RTSP protocol handler and filter outbound traffic over the most common (but not the only available) ports used by RTSP, which include TCP port 554 and UDP ports 6970-6999,” Keizer reports. “Apple has not yet issued a fix for the QuickTime RTSP bug, but when it does, the update will be the media player’s seventh security-related fix this year.”

Links and more details in the full article here.

30 Comments

  1. Anyone else seeing Russian when you go to Google.com?

    Google was poisoned by an attack attempting to trick users to visit malicious sites targeting exploits in Internet Explorer.

    Google has since banned those sites.

    But it would be a GOOD thing to reset Safari to clear out the caches.

  2. “attackers can exploit the flaw by duping users into visiting malicious or compromised Web sites hosting specially-crafted streaming content, or by convincing them to open a rigged QTL file attached to an e-mail message.”

    If I’m dumb enough to do all the above, then I deserve what I get!

    And how is this even close to a Windows exploit which can occur without any of my input?

  3. “If I’m dumb enough to do all the above, then I deserve what I get!”

    The weakest part of the security in any consumer OS today is the large slab of meat located between the keyboard and the chair which routinely does stupid things to compromise the OS.

    If the meatware were eliminated, the vast bulk of today’s exploits would be too.

    But to answer your point, if people are “dumb” because they choose to open an email, browse to a web page or view a QuickTime movie then there are very few things they can do on their systems that you wouldn’t class as dumb. In this instance the problem is QuickTime not adequately protecting the Meatware subsystem from exploitation.
