QuickTime Flaw Could Be Next Menace for Users
In the United States, the fourth Friday in November is commonly referred to as "Black Friday" and traditionally marks the start of the Christmas shopping season, coming the day after Thanksgiving and forming part of an informal four or five day weekend. Windows QuickTime users might be marking Black Friday for another reason this year, with the emergence of a new threat to QuickTime, just two weeks after the latest version (7.3) was released.
A proof-of-concept exploit for a remote code execution vulnerability in the way that QuickTime interprets RTSP (Real Time Streaming Protocol) responses was posted on Black Friday, marking one of the first public disclosures of this vulnerability affecting the latest QuickTime versions. Normally there is some delay between a proof-of-concept and public exploit code being published, and many proof-of-concept releases go no further than the initial publication. With this particular vulnerability, two exploit samples were released within 24 hours of the initial proof-of-concept.
At this stage, Apple have yet to release any information about the vulnerability, but there is mitigation advice available for concerned users and administrators.
There has also been no confirmation that the vulnerability affects the OS X version of QuickTime, but there is the possibility that it is also vulnerable given historical problems with QuickTime's RTSP support on OS X.
With the widespread coverage of OS X-specific malware earlier this month, and the ease with which this new exploit could be integrated with a malicious media stream, users and administrators of both OS X and Windows systems that have QuickTime installed need to be cautious about their risk exposure and mitigate as appropriate against this new threat.
25 November 2007