Another zero-day exploit for QuickTime
US-CERT and Information Week are reporting a new vulnerability in QuickTime's handling of RTSP streams, which has been demonstrated to crash QuickTime Player on Windows and may also affect the Mac version. See the writeup by researcher Luigi Auriemma, who first announced the flaw.
Unlike the RTSP bug patched in QuickTime 7.3.1 last month, this vector works by overflowing the buffer that holds an HTTP error message, sent when RTSP port 554 is closed on the malicious server and the QuickTime client tries to switch to port 80. Sneaky.
Since we're almost certain to see iTunes 7.6 and possibly QuickTime 7.3.2 at Macworld anyway, expect another rev of QuickTime to close this hole after those versions ship -- since Apple wasn't notified in advance of this hole, it's unlikely to be caught in the pending updates, as commenter Nicholas points out (unless Apple found the vector independently).
I don't think this qualifies as a zero-day exploit. It certainly was unknown before, but there is no "exploit." A 0-day exploit is when malicious code is spotted in the wild that takes advantage of a previously unknown flaw. If researchers are announcing this and there is no malicious code in the wild, it's not an exploit (and, hence, not a 0-day exploit). So let's not get all crazy....
January 11 2008 at 4:37 PM
Possible vector for any type of attack? Virus? Takeover of my computer? Someone please decode this for the _rest_of_us_.
Thanks!
Dave
hmm.. possible vector for iPhone 1.1.3 entry?
January 11 2008 at 12:57 PM
The Information Week article points out that Apple was not notified ahead of time about this exploit. Also it should be noted that a zero-day exploit usually refers to an exploit previously unknown to the product developer. That said, don't expect that the new versions of iTunes and Quicktime to be (potentially) released at MacWorld will patch this issue.
January 11 2008 at 12:49 PM
Sorry, I missed a couple of words in the last graf -- meant to imply that the fix will be AFTER Macworld. Working on it.
Zero-day can mean either unknown to the vendor or simply no patch available:
http://en.wikipedia.org/wiki/Zero_day