Attackers exploiting unpatched QuickTime flaw

Attackers are trying to exploit an unpatched vulnerability in Apple's QuickTime software that could let them run code on a victim's computer, Symantec warned in a DeepSight Threat Management System alert issued Sunday.First observed on Saturday, the attacks appear to be aimed at Windows users, but Mac OS users could also be at risk since […]

Attackers are trying to exploit an unpatched vulnerability in Apple's QuickTime software that could let them run code on a victim's computer, Symantec warned in a DeepSight Threat Management System alert issued Sunday.

First observed on Saturday, the attacks appear to be aimed at Windows users, but Mac OS users could also be at risk since the QuickTime vulnerability in question affects both operating systems, the alert said. That vulnerability, called the Apple QuickTime RTSP Response Header Stack-Based Buffer Overflow Vulnerability, was first disclosed on Nov. 23 and remains unpatched by Apple.

Researchers have shown that the QuickTime vulnerability affects a range of operating systems, including Windows XP, Windows Vista, MacOS X 10.4, and the recently released MacOS X 10.5, also called Leopard. The vulnerability can be exploited through Internet Explorer, Firefox, Opera, and Safari.

Full Article

Vunlerability, Exploit, Hacker, QuickTime

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.