News

Apple Patches QuickTime Flaw

By the Betanews Staff | Published January 24, 2007, 12:09 PM

Apple patched a QuickTime exploit Tuesday that was revealed by researchers who were investigating bugs within the Macintosh operating system and third-party products for it as part of the "Month of Apple Bugs" program. In total, 31 vulnerabilities will be listed. In this specific flaw, a specially crafted Web site could be used to cause a buffer overflow vulnerability in order to execute arbitrary code.

The fix would force QuickTime to perform additional validation of the RTSP URL, which should prevent the application from launching malicious ones. As of Wednesday, the QuickTime bug was the only issue patched by Apple itself.

Comments

View comments by with a score of at least

Natrunner
Jan 24, 2007 - 6:15 PM

I have to smile at this story. Apple disciples have always said the product is perfect when it hits the shelves....well..maybe not sooo perfect.

Score: 0

|
Post Reply
Tenoq
Jan 24, 2007 - 11:06 PM

No, the disciples usually just point out that security isn't really a problem on a Mac, not that there aren't any holes. Bottom line is, no-one writes viruses for Mac. :P

Score: 0

|
Post Reply
thegreatfixer
Jan 24, 2007 - 4:11 PM

what about quicktime alternative does it have the same flaw http://fileforum.betanews.com/detail/1049831315

Score: 0

|
Post Reply
xpaddict
Jan 25, 2007 - 3:42 AM

Thats what I want to know too.

Score: 0

|
Post Reply
imafurby
Jan 24, 2007 - 2:34 PM

What, a worm in the Apple? Noooooooo!

Score: 0

|
Post Reply

Microsoft's Ray Ozzie: 'Nobody's going to be 100% open'

The mobile apps ecosystems of the world may converge over time, led by apps being ported over across platforms, according to the Chief Software Architect.

Will Firefox beat IE9 to Direct2D rendering?

Just days after Microsoft executives gave conference attendees a peek at a new rendering technology, a Mozilla contributor revealed he's working on the same thing.

Where there's smoke: Apple warranty stance raises troubling questions

Carmi Levy | Wide Angle Zoom: Smoking can be dangerous not only for your lungs, it appears, but for your Apple hardware warranty.

AOL's decision to rebrand as Aol. takes a bad brand and makes it worse

The idea behind the social Web is to crowd source before bringing out something new. But not at AOL, which new logo debuted with a cry of "fail!" across the blogosphere and Twittersphere today.

Microsoft 'worked with Apple' for Silverlight on iPhone, says Goldfarb

By not making such a big deal out of trying to stream video to the iPhone, Microsoft got a big deal out of it, revealed the Silverlight product manager.

Clicker.com cuts through the Web video chaos

In a world where homemade video and Hollywood movies travel the same pipeline, it's good to have a real search engine to cut through the clutter.

A case study in improving software: What Office 2010 can learn from Notion 3

A music composition product gambles with a complete overhaul, in an effort to make headway against two well-known competitors in a tough market.

Kindle 2 update adds battery life, native PDF reader

Amazon has pushed out an update to the Kindle 2 e-reader that lengthens battery life and adds a native PDF viewer.

Safari on iPhone gets competition from a $1 browser app

Apple likes to say it gives iPhone users a full browsing experience, but a new competitor tries to incorporate more desktop browser features.

Action Replay maker sues Microsoft for Xbox 360 'predatory technological barriers'

Third-party video game accessory maker Datel has filed an antitrust lawsuit against Microsoft over the Xbox 360's recent Dashboard update.

Microsoft's Bob Muglia and Ray Ozzie on Silverlight vs. standards

Bob Muglia: "We're trying to provide people with an environment that has capabilities that you just simply can't do today in the standards-based world."