12/21/2005

iTunes and QuickTime flaw detailed

Filed under: — By Aviran Mordo @ 9:42 pm

Don’t open media files from sources you don’t trust–it may lead to your computer being hacked, a security researcher has warned.

Tom Ferris, an independent security researcher, has provided more details on a security flaw in Apple Computer’s popular iTunes and QuickTime software that could put systems running Windows and Mac OS X at risk of attack. He first disclosed the flaw in early December.

An attacker could commandeer a vulnerable computer by tricking a user into opening a malicious “.mov” media file, the Mission Viejo, Calif.-based bug hunter said in an advisory posted on his Security-Protocols.com Web site late Tuesday.

“The vulnerability allows an attacker to cause the program to crash and could allow the execution of arbitrary code,” Ferris said. “The flaw exists in all current and earlier versions of iTunes and QuickTime.”

Security-monitoring company Secunia rates the issue “moderately critical”, while the French Security Incident Response Team, a research outfit, tags it “critical.”

Source: News.com

 

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress