It's a Month of Apple Bugs; for Some!
Techtree News Staff, Jan 03, 2007 1408 hrs IST
A zero-day flaw in Apple Computer's QuickTime media player has been posted, kicking off a project quite strangely titled, "Month of Apple Bugs" (MoAB).
A zero-day vulnerability in Apple Computer's QuickTime media player has been posted, kicking off a project quite strangely titled the "Month of Apple Bugs" (MoAB).
What has also been posted is an exploit that can be used by hackers to compromise, hijack, or infect computers running Microsoft Windows or Apple Mac OS X.
The QuickTime vulnerability lies in the way the media player software handles Real Time Streaming Protocol or RTSP. An attacker can create a special RTSP string in a rigged QuickTime file that would cause a buffer overflow.
The vulnerability affects QuickTime 7.1.3 on both Mac OS X and Windows systems. Previous versions of QuickTime could also be vulnerable.
A sequel to the 'Month of Kernel Bugs' project, MoAB is hosted by a hacker who goes by the initials LMH and a researcher, Kevin Finisterre, who has posted several such Mac vulnerabilities on his Web site.
MoAB takes upon itself the task of announcing a new security vulnerability in Apple's OS or other Mac OS X software each day of this month.
Of the QuickTime vulnerability, LMH says, "The risk is having your system compromised by a remote attacker, who can perform any operation under privileges of your user account. It can be triggered via JavaScript, Flash, common links, QTL files, and any other method that starts QuickTime."
Both LMH and Finisterre write about the vulnerability on the MoAB Web site, saying that exploitation of this bug is trivial, and that the associated exploit code has been tested on Mac OS X running on Intel-based systems, and works against QuickTime 7.1.3, the current version of the player.
Meanwhile, Danish security firm Secunia has given the bug a 'highly critical' rating.
Apple, on its part, continues to remain non-committal. In an email, a spokesperson for Apple has said the company takes security very seriously, and that it welcomes feedback on how to improve security on the Mac.
In any case, until this potential bug is patched, users are advised to disable QuickTime's ability to process rtsp:// links.
Users of Microsoft Windows are advised to launch QuickTime, select Edit|Preferences|QuickTime Preferences, click the File Types tab, expand Streaming, and clear the box marked "RTSP stream descriptor".
Users of Mac OS X are advised to select System Preferences|QuickTime|Advanced|MIME Settings|Streaming|Streaming Movies, and clear the "RTSP stream descriptor" box.
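An added example, not from the article, Apple, or the MoAB authors: while the workaround above is rolled out, a mail or web gateway can triage content for the rtsp:// references it targets. The sketch assumes QTL link files are XML whose attributes carry the URL; file names and hosts are constructed.

```python
import re
import xml.etree.ElementTree as ET

RTSP_RE = re.compile(r"rtsp://[^\s\"'<>]*", re.IGNORECASE)
QTL_HEAD = '<?xml version="1.0"?><?quicktime type="application/x-quicktime-media-link"?>'

# Constructed sample files (hypothetical names and hosts, no exploit content).
SAMPLES = {
    "trailer.qtl": QTL_HEAD + '<embed src="http://media.example.com/trailer.mov" autoplay="true"/>',
    "stream.qtl": QTL_HEAD + '<embed src="rtsp://stream.example.com/live.sdp"/>',
    "encoded.qtl": QTL_HEAD + '<embed src="rtsp&#x3a;//stream.example.com/b.mov"/>',
    "broken.qtl": '<embed src="rtsp://stream.example.com/c.mov"',
    "page.html": '<a href="RTSP://stream.example.com/a.mov">watch</a>',
}


def find_rtsp_urls(name, text):
    """Return the sorted rtsp:// URLs referenced by one file's text."""
    urls = set()
    # Parse link files as XML so character references in attributes are
    # decoded; skip files with "<!" markup (DTDs/entities) and scan them raw.
    if name.lower().endswith(".qtl") and "<!" not in text:
        try:
            for el in ET.fromstring(text).iter():
                urls.update(v.strip() for v in el.attrib.values()
                            if v.strip().lower().startswith("rtsp://"))
            return sorted(urls)
        except ET.ParseError:
            pass  # malformed link file: still inspect it with the raw scan
    urls.update(m.group(0) for m in RTSP_RE.finditer(text))
    return sorted(urls)


def triage(files):
    """Map each file name to its rtsp:// references, dropping clean files."""
    return {n: u for n, t in files.items() if (u := find_rtsp_urls(n, t))}


if __name__ == "__main__":
    for name, urls in triage(SAMPLES).items():
        for url in urls:
            print(f"{name}: {url} ({len(url)} chars)")
```

Flagged files can be quarantined or routed for review until a patched QuickTime is deployed; the script reports references only and makes no judgment about whether a given URL is malicious.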
You say "users are advised." Please tell us who is providing this free advice--Apple or LMH/Finisterre?
by Dave, New York, on Jan 03, 2007 10:26 PM
Missed the first two. Cleared RTSP stream descriptor on my Intel iMac. Have done the 36 security updates on XP Pro SP2 Boot Camp partition. In 9 years have never had an Apple attack. Have lost count on Windows.
by Greg Barker, Boulder Creek, on Jan 03, 2007 03:23 PM
The reason for that is not because Apple computers are designed better, it is because no hacker wants to waste his/her time on a system that will only affect 2.4% of the computers in the world (http://www.macworld.com/news/2002/07/03/marketshare/). I think it is great that someone is showing that Apple is not superior. Apple should be happy about these attacks, because it shows that they are picking up more market share. The downside is that they will not be able to say that they are invincible anymore.
by Anonymous, Seattle, on Jan 03, 2007 10:14 PM
by Bruce, Los Angeles, on Jan 03, 2007 08:49 PM
Security through obscurity! I love it! Thought this was impossible on a Mac. Wait, no, I didn't, you did.
by Anonymous, redmond, on Jan 03, 2007 08:21 PM
Well, I think that if those "computer hackers" were able to infect other software like QuickTime 7.1.3 on both Mac OS X and Windows systems, other computer software programs like spyware and Norton antivirus programs should be developed for the protection of those concerned about this problem.
by Roberto, Miami, on Jan 04, 2007 09:47 AM