Beware of opening Quicktime movies !!! US-CERT is aware of a public report of a new vulnerability in Apple QuickTime. The report indicates that if a user opens a specially crafted QuickTime file, an attacker may be able to execute arbitrary code. This vulnerability may have several attack vectors, such as visiting a malicious or compromised website. US-CERT is currently investigating this report and will provide additional details as needed.
There is no patch as we speak so be careful. How many more of these security leaks will we see in quicktime?
US-CERT encourages users to use caution when opening QuickTime files, and apply the best security practices described in the Securing Your Web Browser document, to help mitigate the risks. (Source: US CERT)
UPDATE: The (original) GNUCITIZEN article with a movie on the exploit.
Related articles:
- Patch mania, it's not just Patch Tuesday
- Massive amounts of vulnerabilities are making a lot of PCs vulnerable
- Quicktime flaw (AGAIN)
- Oracle security patches are seldom applied
- Flood of vulnerabilities coming our way
- Adobe Acrobat and Reader security patch finally released
- QuickTime update closes security hole
Security4all Blog
Twitter
Slideshare
Facebook
Digg
Flickr
0 comments:
Post a Comment