Apple QuickTime exploit in the wild

By Tom Espiner
Special to CNET News.com

Share
- Digg
- Del.icio.us
- Reddit
- Facebook
- Google
- Newsvine
- Yahoo! Bookmarks
- Twitter
- Stumbleupon
E-mail
Print

Related Stories: Cybercrooks add QuickTime, WinZip flaws to arsenal
May 10, 2007; Apple plugs QuickTime zero-day flaw
May 1, 2007
Related Blogs: Apple QuickTime exploit published
News Blog
November 26, 2007

Symantec has found active exploit code in the wild for an unpatched Apple QuickTime vulnerability.

Researcher Joji Hamada wrote in Symantec's Security Response Weblog on Saturday that the company had seen an active exploit for the vulnerability in Apple's media-streaming program that could lead to users downloading Trojan software.

Hamada said the exploit code was found on a compromised porn site that redirects users to a site hosting malicious software called "Downloader." Downloader is a Trojan that causes compromised machines to download other malicious software from the Internet. Symantec rates Downloader as "very low" risk.

No patch is currently available for the vulnerability, which affects version 7.x, and which lies in a boundary error when QuickTime processes Real Time Streaming Protocol (RTSP) replies.

Symantec is advising concerned IT professionals to run Web browsers at the highest security settings possible, disable Apple QuickTime as a registered RTSP protocol handler, and filter outgoing activity over common RTSP ports, including TCP port 554 and UDP ports 6970-6999.

Proof of concept code was published when the vulnerability was disclosed by security research company Secunia last week.

Tom Espiner of ZDNet UK reported from London.

See more CNET content tagged:
Apple QuickTime, wild, Symantec Corp., vulnerability, Apple Computer

Add a Comment (Log in or register) 10 comments

I love it...
by jelloburn December 3, 2007 8:55 AM PST: If you are an IT professional, wouldn't it make sense to block out all
porn sites in the first place. Employees shouldn't be getting their
jollies at work. Sounds like a good way to get yourself fired if
you're the employee that came across it.; Reply to this comment View reply
Processing

Still no patch from Apple, amazing
by Ilgaz December 3, 2007 9:55 AM PST: First of all, RTSP is the standard protocol for realtime (streaming)
media delivery. Quicktime, Real and even MS Windows Media
Player uses those ports.

It is amazing that Apple didn't come up with a hotfix yet.
Quicktime installations hard earned over years will be zeroed once
again. In fact, it effects iTunes too.; Reply to this comment View all 2 replies
Processing

Gotta go to a porn site, THEN download an app...
by M C December 3, 2007 10:31 AM PST: ...IS there a patch to keep getting stupid people from doing stupid stuff?; Reply to this comment View reply
Processing

Can't fix stupid . . . ?
by K.P.C. December 3, 2007 5:07 PM PST: You mean like somone suggesting Apple should follow MS's lead
on security issues?

ROFLMAO!!!! :-D; Reply to this comment

Latest tech news headlines

Opera 9.6 focuses on neglected features
Posted in The Download Blog by Seth Rosenblatt

October 8, 2008 12:01 AM PDT
Government use of biometrics still raises privacy concerns
Posted in News - Politics and Law by Stephanie Condon

October 8, 2008 12:00 AM PDT
Verizon officially debuts RIM BlackBerry Storm
Posted in Crave by Bonnie Cha

October 7, 2008 9:01 PM PDT
See all headlines

Resource center from News.com sponsors

You Need The Speed of Norton 2009

Introducing Norton Internet Security™2009

With one-click, one-minute install, under 8MB of memory usage and fewer, shorter scans, it's the fastest security suite anywhere. Norton. Smart Security, Engineered for Speed. Get a FREE trial today!

The Fastest Security Suite Anywhere

Experience the revolutionary Norton Internet Security™ 2009. With Norton™ Insight, a new feature, you get precision security that targets only at risk files for fewer, faster, shorter scans

Win a Trip to Space!*

Enter the Blast Off with Norton Sweepstakes for your shot at a trip to space. You could experience being fast and weightless, just like the new Norton 2009. *No purchase necessary; click for full details.

FREE Trial!

Act now to get your FREE trial of Norton Internet Security 2009. Try it for the protection. Love it for the speed

Norton Safe Web NEW!

A community-based system that rates web site safety

Norton Labs NEW!

Users can download new security technologies and share input directly with developers. Help us shape our future products!

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Inside CNET News

Scroll Left Scroll Right

News - Business Tech
Unisys hopes ex-Gateway chief can turn it around
Struggling IT services company has chosen Edward Coleman, a man it says has a long history of transforming troubled tech companies, to take over as CEO.
Gallery
Photos: Messenger returns to Mercury
Crave
Verizon officially debuts RIM BlackBerry Storm
Research In Motion and Verizon Wireless officially announce the first touch-screen BlackBerry, and CNET gets a hands-on look.
Outside the Lines
No escape from the perfect financial storm
After this perfect storm, brewed out of years of habit and taken down by mortgages for the masses, consumers and businesses will be far more conservative in their spending habits.
Video
Mercury exposed
News - Digital Media
Click-to-buy links for songs, games added to YouTube
YouTube is adding links to Amazon.com and the iTunes Store from the pages of thousands of its videos, making it easier for people to buy an MP3 they hear or a video game that looks good.
Video
DIY political ads proliferate
News - Politics and Law
Government use of biometrics still raises privacy concerns
Government and information technology industry representatives on Tuesday discussed how to make the public comfortable with the increasingly sophisticated ways the government collects identifiable information.
News - Cutting Edge
Astronaut training awaits Esther Dyson
The tech pundit and investor is girding for six months of training at Russia's Star City, as an understudy to International Space Station-bound Charles Simonyi.
Gallery
Photos: Top 10 reviews of the week
Crossfade
The Cute Lepers, 'Terminal Boredom': Free MP3 of the Day
Download a free MP3 of "Terminal Boredom" courtesy of CNET Download Music.
Green Tech
Army plans 500-megawatt solar thermal farm
A new Army energy strategy includes plans for what could become the world's largest solar thermal farm, as well as geothermal and biomass-to-fuel projects.