Terri Forslof, manager of security response at 3Com's TippingPoint division, which rewarded $10,000 to security researcher Dino Dai Zovi after finding a flaw for Apple’s Safari browser in last week's CanSecWest security conference, has disclosed that the vulnerability actually lies in the way Apple's QuickTime Media Player works with the Java programming language. QuickTime runs on both Windows and the Mac, meaning both operating systems can be attacked.
The bug "is the equivalent to a 'click and you're owned' vulnerability," said Forslof. Because the flaw has not been publicly disclosed, it is not considered to be a significant threat to QuickTime users. Dai Zovi, who lives in New York, used a URL to expose the hole. He said he has reported at least eight security vulnerabilities to Apple and has had "nothing but positive interactions" with the company.
News source: PC World
The bug "is the equivalent to a 'click and you're owned' vulnerability," said Forslof. Because the flaw has not been publicly disclosed, it is not considered to be a significant threat to QuickTime users. Dai Zovi, who lives in New York, used a URL to expose the hole. He said he has reported at least eight security vulnerabilities to Apple and has had "nothing but positive interactions" with the company.
News source: PC World
VLC despite it's horrible interface (it's getting better) is way better
iTunes crushes MP though, but on the music side only.
So, Apple can go a head use QuickTime to show how suck PCs are hahahahaah
So, Apple can go a head use QuickTime to show how suck PCs are hahahahaah
You idiot
Knew it talked to JavaScript though.
The activex control is a quicktime player that's embedded in the browser window.
Macs and Apple software are insecure.
Windows and PC's are the best.
Macs and Apple software are insecure.
Windows is the best at being insecure.
there fixed that for you...
Macs and Apple software are insecure.
Windows is the best at being insecure.
there fixed that for you...
Of course. No one would try to hack a piece of sh-- OS.
It's better in many ways actually, security being #1.
It's better in many ways actually, security being #1.
I always wonder how through personal experience someone can say that one product is more secure than another. Vista with Microsoft's new focus on security is much more secure. . because someone says so. MacOS is always secure because. . someone says so. These almost religious beliefs are at most, entertaining. Show me a complete code review of both operating systems, and then tell me which is more secure. Please leave your opinions at the door.
"We now return to the regularly scheduled religious deba-- fanboy postur-- fangirl postur-- mindless Internet forum argu--. . . oh **** it."
It's better in many ways actually, security being #1.
I always wonder how through personal experience someone can say that one product is more secure than another. Vista with Microsoft's new focus on security is much more secure. . because someone says so. MacOS is always secure because. . someone says so. These almost religious beliefs are at most, entertaining. Show me a complete code review of both operating systems, and then tell me which is more secure. Please leave your opinions at the door.
"We now return to the regularly scheduled religious deba-- fanboy postur-- fangirl postur-- mindless Internet forum argu--. . . oh **** it."
Agreed, unless your a programmer or a hacker, please don't come in and tell me what is better or worse, we all know all OS's are insecure, and hey if they arent there is going to be some app that runs on it that makes it insecure. as i said in a post on another article, The OS is only as secure as the apps that run on it. You all go write an OS and we will see how secure you make it
IE7 on Vista is not vulnerable.
And Windows doesn't ship with Java anymore by default anyway.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.