Apple QuickTime exploit published

Security researchers are warning that exploit code has been published that can take advantage of an extremely critical security flaw in a protocol supported by Apple QuickTime.

Apple QuickTime versions 7.2 and 7.3 on Windows Vista and Windows XP Pro SP2 are both affected, according to an advisory originally posted on Milw0rm.com.

And because Apple's iTunes contains a component of QuickTime, installations of iTunes are also at risk, according to a security advisory by the United States Computer Emergency Readiness Team (US-Cert).

The security flaw is found in the Real Time Streaming Protocol (RTSP) supported by Apple's QuickTime Streaming Server and QuickTime player, US-Cert notes. As a result, users who load a malicious RTSP stream via a QuickTime Media Link file or by visiting a malicious Web page, may find their systems compromised. Malicious attackers, for example, could execute arbitrary code from users' systems or launch a denial-of-service attack.

View: news.com

Report a problem with article
Previous Story

MySpace plans Facebook-style news feeds

Next Story

Firefox 2.0.0.10

32 Comments

Commenting is disabled on this article.

I never got why Apple even had to write their own media system for Windows.

Why the hell can't they just use DirectShow or Media Foundation? They're right there, and if Quicktime was just a frontend for it, you probably wouldn't have these issues, and you'd have the added bonus of any of Apple's filters making things work for the entire system -- And not just for Quicktime.

But these are the same people who have to reinvent the Window and all controls for iTunes and Safari, so maybe they just enjoy doing crap like that?

They must. After reading this, I decided to remove quicktime from my computer. Now iTunes no work. Uninsulated that too. I like the radio stations on iTunes, that's the only reason I have it installed. Now I'm just gonna stick to MP3s that are already on my computer.

when will this QuickTime flaws stop?
i use quicktime alternative or QTLite for they are affected as they use the original Apple components.

I hope this ends soon. Maybe people can create some sort of online security committee or something and fine companies that pose such a threat in their software to users security. I mean, some flaws with software are totally understandable, but come on, quicktime is getting this type of flaws almost wekkly...

Uninstalled Quicktime, yet again, due to a security problem. Think I just leaving it off forever this time too, as I realize that movie trailers on Apple Trailers is the ONLY thing I ever use Quicktime for anyway.

xpgeek said,
Uninstalled Quicktime, yet again, due to a security problem. Think I just leaving it off forever this time too, as I realize that movie trailers on Apple Trailers is the ONLY thing I ever use Quicktime for anyway.

Same for me, I now use YouTube so I don't need Quicktime installed.

I might add, a PC is Adobe-Friendly from out of the box, so no need to include here speeches about the Creative Content Creation... cause Windows XP has proven the fastest Photoshop platform on the planet... this being tested with a MacBook Pro on Vista, XP and MacOS X. Guess what: Vista came second... so that puts Mac Os in... wait.

Let's not forget that the Windows config was ALSO running security programs.

Was it CS2 or CS3? Because if it was CS2, then Photoshop would have been running under Rosetta (Read: A PPC app being emulated).

osirisX said,
Was it CS2 or CS3? Because if it was CS2, then Photoshop would have been running under Rosetta (Read: A PPC app being emulated).

Yes, and if it's not running under Rosetta, that means it's the Intel-based code and is probably the SAME code as the Windows version with a Mac front-end.

sadly you are wrong... it affect windows counterpart but certainly is apple fault.
why to change to a mac that after some minutes it freeze?

Just like upgrading video cards, processors and mother boards (or logic boards, if you prefer that term). You know what else does not exist for mac? A HUGE variety of games and other software. I'll take options over lock down, even if I have to be careful about where I go on the net. Since I have many options for security on my PC, it's not really a problem. I'm sure that's hard for you to comprehend.

internetworld7 said,
Yet another reason to switch to a Mac, exploits and flaws simply don't exist on a Mac. :cool:

You're either trying to start a flame war or you have been very much misinformed.

Either way, you’re way off.

virtorio said,

You're either trying to start a flame war or you have been very much misinformed.

Either way, you’re way off.

lol, sarcasm is the hardest thing to detect on the internet

tsupersonic said,
lol, sarcasm is the hardest thing to detect on the internet ;)

If you read his other posts, they're all the same. He's not joking.

LMFAO,

it is MAC software, are you completely insane, switch to a mac becasue macintosh has released dodgy app for Windows. i can't believe you even wrote that.

internetworld7 said,
Yet another reason to switch to a Mac, exploits and flaws simply don't exist on a Mac. :cool:

Except when they do. :suspicious: