News

Apple Patches QuickTime Flaw

By the Betanews Staff | Published January 24, 2007, 12:09 PM

Apple patched a QuickTime exploit Tuesday that was revealed by researchers who were investigating bugs within the Macintosh operating system and third-party products for it as part of the "Month of Apple Bugs" program. In total, 31 vulnerabilities will be listed. In this specific flaw, a specially crafted Web site could be used to cause a buffer overflow vulnerability in order to execute arbitrary code.

The fix would force QuickTime to perform additional validation of the RTSP URL, which should prevent the application from launching malicious ones. As of Wednesday, the QuickTime bug was the only issue patched by Apple itself.

Comments

View comments by with a score of at least

Natrunner
Jan 24, 2007 - 6:15 PM

I have to smile at this story. Apple disciples have always said the product is perfect when it hits the shelves....well..maybe not sooo perfect.

Score: 0

|
Post Reply
Tenoq
Jan 24, 2007 - 11:06 PM

No, the disciples usually just point out that security isn't really a problem on a Mac, not that there aren't any holes. Bottom line is, no-one writes viruses for Mac. :P

Score: 0

|
Post Reply
thegreatfixer
Jan 24, 2007 - 4:11 PM

what about quicktime alternative does it have the same flaw http://fileforum.betanews.com/detail/1049831315

Score: 0

|
Post Reply
xpaddict
Jan 25, 2007 - 3:42 AM

Thats what I want to know too.

Score: 0

|
Post Reply
imafurby
Jan 24, 2007 - 2:34 PM

What, a worm in the Apple? Noooooooo!

Score: 0

|
Post Reply

Google Buzz: Another attempt to harness the content firehose

Similar to how Google successfully remolded RSS into a Google tool, the company now wants to remold Gmail into one big Google party

Success: Google's Nexus One shipping support line takes tech support questions

UPDATED Though the support line had been set up for shipping, it now appears Google personnel are happy to hear technical concerns.

Goodnight, moon: What I learned from a space shuttle

Carmi Levy | Wide Angle Zoom: Can the tech sector learn a few lessons from the space program? Certainly, if you believe in learning from someone else's mistakes.

Netflix to FCC: NBCU + Comcast could bypass net neutrality

Weaning itself from the post office as its main means of video transfer, Netflix would like someone to ensure the Internet remains just as unencumbered.

Rhapsody to become an independent company

RealNetworks and Viacom subsidiary MTV Networks have begun the process of spinning off music service Rhapsody into an independent company.

Nvidia debuts new dynamically-switched graphics card technology

Today, Nvidia announced that its Optimus technology for GPU switching will soon be available in a handful of Asus notebooks.

Google lowers 'unusually high' early termination fee on Nexus One

Google has lowered the Nexus One's early termination fees which were twice as high as the norm.

Netgear and Ericsson introduce a mobile broadband hotspot with a twist

It's a mobile broadband hotspot, but it's for use in the home.

Report: Streaming video drove 72% global increase in mobile data consumption

A new study says streaming video is "the single most influential factor driving the need for increased mobile network capacity."

Stymied by continuing Nexus One 3G issues, Google blames the environment

If you're still afflicted with the 3G flip-flop trouble, then you might consider moving. That appears to be the only suggestion Google can give for now.

Wolfram|Alpha makes a strong argument for virtual keyboards

"Answer engine" Wolfram|Alpha has updated its iPhone/iPod Touch app, harnessing the strength of the virtual keyboard.