Quicktime bug poses immediate threat
An exploit in the Apple Quicktime application is the headliner in a project known as the Month of Apple Bugs (MOAB), aimed at unveiling security holes in the Mac OS X operating systems.
The flaw, which also affects Windows users, deals with how Quicktime handles a specific URL address. Media streamed from an "rtsp ://" address could be exploited to overflow a stack’s buffer, according to the MOAB bulletin. The hole offers the possibility of "leading to an exploitable remote arbitrary code execution condition," which means that the user’s PC could be seized by a hacker.
There is not yet an actual fix for the exploit, though users can prevent possible attacks by disabling Quicktime from running "rtsp :// content".
MOAB is a project with the goal of dispelling the myth that Apple computers are immune from viruses and bugs, and is from the same people behind last November’s Month of Kernel Bugs project.
- YouTube fails to implement copyright identification
- Asustek to showcase notebook audio-visual workstation at CES
- Via boosts use of self-developed C7 processor in consumer electronics
- Small- to medium-size display shipments reached record high in Q3 06
- OCZ wants a slice of the enthusiast graphics market
- Foreign evidence allowed in Intel antitrust case
- Apple's Jobs apparently in the clear in options probe
- IT administrator gets 8 years for cyber sabotage
- Sony settles with 40 more states in rootkit debacle
- Semiconductor industry to post record sales result for 2006
- Xbox 360 outsells Wii, PS3
- Sparkle overclocks Nvidia's 8800 graphics chips
- CES 2007: Showtime to launch video download service for Windows Vista
- Diamond ships PC HDTV tuner
- Hitachi offers new NAS-aimed multimedia search
- CES 2007: Patriot to demonstrate 1302 MHz memory modules
- CES 2007: Fujitsu to demo H.264 IC for HD recording
- Sirius tops six million subscribers
