Wednesday, February 06, 2008

Apple Plugs QuickTime Malware Installation Hole

Ryan Naraine writes on eWeek:

The company acknowledges the bug could lead to drive-by malware installations on Windows and Mac machines.

Apple has issued a patch for a high-profile vulnerability in its flagship QuickTime media player, acknowledging that the bug could lead to drive-by malware installations on Windows and Mac machines.

With QuickTime 7.4.1, the company provides cover for a heap buffer overflow in QuickTime's handling of HTTP responses when RTSP (Real Time Streaming Protocol) tunneling is enabled.

Apple warned that malicious hackers could use booby-trapped Web pages to "cause an unexpected application termination or arbitrary code execution."

More here.

0 Comments:

Post a Comment

<< Home