Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Quicktime bug hits Windows

Notifications for Security Updates, as well as News and Information from across the web - mostly security minded.

Update Contributors: Members of the Malware Removal University.

Quicktime bug hits Windows

Unread postby Jase123 » November 26th, 2007, 2:56 pm

Security researchers have warned that an unpatched bug in Apple's QuickTime software could leave Windows users vulnerable to attack. As of yesterday, there was no confirmation as to whether the Mac OS X versions of the media player are also vulnerable.

The critical bug in QuickTime 7.2 and 7.3 is in the player's handling of the Real Time Streaming Protocol (RTSP), an audio/video streaming standard. According to alerts posted by Symantec and the US Computer Emergency Readiness Team (US-CERT), attackers can exploit the flaw by duping users into visiting malicious or compromised websites hosting specially-crafted streaming content, or by convincing them to open a rigged QTL file attached to an email message.

Symantec credited Polish research Krystian Kloskowski with first reporting the zero-day vulnerability on Milw0rm. By Saturday, Kloskowski and an unnamed researcher identified as "InTeL" had followed up with separate proof-of-concept examples that executed on Windows XP SP2 and Windows Vista machines running QuickTime 7.2 or 7.3.

A successful exploit would let the attacker install additional malware - spyware or a spambot, say - or cull the system for information like passwords. An attack that failed would likely only crash QuickTime.

A gaffe by Apple's developers, however, makes attack easier on Vista, said InTeL, who claimed that the QuickTimePlayer binary does not have Address Space Layout Randomisation (ASLR) enabled. ASLR is a Vista security feature that randomly assigns data and application components, such as .exe and .dll files, to memory to make it tougher for attackers to determine the location of critical functions or vulnerable code.

Apple's forgetfulness prompted Symantec analyst Anthony Roe to note: "This makes reliable exploitation of the vulnerability a lot easier."

Another Symantec researcher, Patrick Jungles, added that QuickTime vulnerabilities usually draw attackers quickly. "In the past, we have seen a very short period of time between the release of proof-of-concept exploits for QuickTime vulnerabilities and the development of working exploits by attackers," said Jungles in a note to customers of his company's DeepSight threat network. "Popular applications such as QuickTime are strong candidates for exploitation in the wild."

Apple last patched QuickTime less than three weeks ago when it released version 7.3 to fix a number of critical image-rendering and Java-related vulnerabilities. So far in 2007, Apple has issued six QuickTime security-related updates that have fixed a total of 31 flaws.
Banned Member
Posts: 57
Joined: September 28th, 2007, 4:48 pm
Location: England
Register to Remove

Re: Quicktime bug hits Windows

Unread postby Jase123 » November 26th, 2007, 2:57 pm

Bump - to remove from zero replies.
Banned Member
Posts: 57
Joined: September 28th, 2007, 4:48 pm
Location: England

  • Similar Topics
    Last post

Return to News Desk

Who is online

Users browsing this forum: No registered users and 3 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware