back to article QuickTime streaming media exploit targets unpatched bug

Hackers have created a proof-of-concept exploit for an Apple QuickTime player streaming media vulnerability. Release of the exploit on Sunday follows hot on the heels of the public disclosure of the as-yet-unpatched buffer overflow bug, which involves the QuickTime RTSP (Real Time Streaming Protocol) Response Header, on 23 …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Flame

    Generic Fanboy Response.

    If you had <Insert software title> runing on <Insert O/S>, then this wouldn't happen. It serves you right for running <Insert software title> on the crappy <Insert O/S>, so you get what you <Insert insult> deserve.

    Thankyou.

  2. Henk

    Pardon me?

    Pending a patch from Microsoft...

    This is a typo right? Or do we really rely on Microsoft to put out a patch for quicktime which casues problems mainly through Firefox.

  3. Anthony

    Simple answer :

    "avoid following links to untrusted Web sites."

    along with "don't open dodgy emails" and "don't run dodgy programs" this mantra should keep anybody safe.

    But surely the whole point of being phished is that you THINK it's a trusted website?

  4. amanfromMars Silver badge
    Pirate

    Windows Advantage ...?

    "But surely the whole point of being phished is that you THINK it's a trusted website?"

    Some trusted web sites even land the phishes themselves with automatic updates.

  5. kain preacher

    @By Henk

    "Pending a patch from Microsoft, users are advised to restrict outbound connections on port TCP 554 using their firewalls, "

    Sounds like whats happening is Apple is say hey let your fire wall soft ware fix out bugs.

  6. Alan Donaly
    Alert

    Symantec wrong, maybe.

    It's possible either US-CERT or Symantec are wrong the following from isc.sans update of earlier diary.

    "We have received a report that exploits are now working for Vista, XP, IE6, IE7, and Safari 3.0 on Windows. Keep in mind that other attack vectors may be vulnerable as well."

    As well as firefox.

    if so maybe thats why MS would want to patch it.

This topic is closed for new posts.