QuickTime's 9-year old backdoor allows takeover of Windows 7 machines

A security researcher has unearthed a "bizarre" flaw in Apple's QuickTime Player that can be exploited to remotely execute malicious code on Windows-based PCs, even running the most recent Windows 7 operating system. "The weird backdoor is an unused parameter called " _Marshaled_pUnk," which has been around since 2001, and was originally used to draw […]

A security researcher has unearthed a "bizarre" flaw in Apple's QuickTime Player that can be exploited to remotely execute malicious code on Windows-based PCs, even running the most recent Windows 7 operating system. "The weird backdoor is an unused parameter called " _Marshaled_pUnk," which has been around since 2001, and was originally used to draw contents in the current QuickTime window without opening a new one. The function is gone now, but that line of code was never deleted," reports The Register.

The presence of _Marshaled_pUnk creates the equivalent of an object pointer that an attacker can use to funnel malicious code into computer memory. Over the years, apps have contained so many of these types of errors that Microsoft eventually built architectural designs into Windows that reduced the damage that can be inflicted from attacks that exploit them.

[Source]