Mac hacked through QuickTime flaw

The security hole used to breach a MacBook in a hack-a-Mac competition last week lies in Apple's QuickTime media player, the flaw finder said Tuesday. The vulnerability is related to how QuickTime handles Java, said security researcher Dino Dai Zovi. An attacker can exploit the bug through Safari or Firefox, he said. Initial reports were […]

Share online:

The security hole used to breach a MacBook in a hack-a-Mac competition last week lies in Apple's QuickTime media player, the flaw finder said Tuesday. The vulnerability is related to how QuickTime handles Java, said security researcher Dino Dai Zovi. An attacker can exploit the bug through Safari or Firefox, he said. Initial reports were that the flaw was in Safari, Apple's Web browser.

"It is a vulnerability within QuickTime. Safari and Firefox on Mac OS X are vulnerable," Dai Zovi said. QuickTime is also widely used on Windows machines, so Windows users may also be at risk, he said. "At this time, Firefox on Windows is considered at risk," Dai Zovi said.

Security monitoring company Secunia deems the flaw "highly critical," one notch below its most serious rating. "This can be exploited to execute arbitrary code when a user visits a malicious Web site," Secunia said. Apple's most recent QuickTime security update was in March.

View: Full post

Apple, Mac, QuickTime, Flaw, Vulnerability, bug, Hack, Hacker,Hacked, Intrusion

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he’s engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.