digg

Facebook Connect Join Digg About

Attackers target unpatched QuickTime flaw that affects Windows & Macs.

infoworld.com The vulnerability, called the Apple QuickTime RTSP Response Header Stack-Based Buffer Overflow Vulnerability, was first disclosed on Nov. 23rd and still remains unpatched. The vulnerability can be exploited through Internet Explorer, Firefox, Opera, and Safari and effects both Windows and Mac users.

Who dugg this? Made popular Dec 3, 2007

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

147 Comments

show profanity settings
expand all
  • ElBob, on 12/03/2007, -14/+40Did you read what the exploit installs? They all end in .exe. We've seen exploits, but we've never seen anything that actually does something bad.
  • slashbot, on 12/03/2007, -4/+29I hate quicktime. From forced file associations, to obnoxious tray icons, to update harassment. It is a potpourri of joy.
  • staxofmax, on 12/03/2007, -3/+20As if QuickTime hijacking your computer wasn't bad enough....
  • torindkflt, on 12/03/2007, -4/+19Anyone who plays on the MMORPG "Second Life" is also at risk, because it too uses QuickTime for media streaming.
  • eatsushi, on 12/03/2007, -3/+18You can't hack me for *****....I got Norton!!
  • FredSpeaking, on 12/03/2007, -0/+14As a digg regular, I was very bent against Vista before trying it. Two weeks ago my office bought a box preloaded with it, and I must say, it is nice. I especially like the way it logs users in by default - with non admin access. The user must grant it to any app that requires it. Pretty much nullifies a lot of trojans. Of course dumbasses (typical Windows users) can't withstand much social engineering. /sigh
  • syowr, on 12/03/2007, -5/+18"computers are being redirected from an adult Web site, Ourvoyeur.net, to another Web site that infects the computer with an application called loader.exe, which can be saved to the computer as metasploit.exe, asasa.exe, or syst.exe. Once installed on a computer this application downloads another binary file, which Symantec identified as Hacktool.Rootkit, a set of tools that can be used to break into a system."

    So unless macs have suddenly started running .exe files natively you are right, no virus on yer mac even if you go to this site and run an app with a vulnerability. You see its not the OS that has the vulnerability in this case, neither mac or windows to blame here.

    Next time try to read and comprehend the article first and perhaps your troll will be more effective.. as is.. I give it a 1/10 for effort
  • uvscwolverine, on 12/03/2007, -5/+17Okay...Apple bashing aside, no one ever said Macs were free of security problems. Like Windows, Mac exploits are found on a regular basis. Apple does issue security updates now and then (e.g. when needed), but while these are OS exploits that can result in someone doing bad things to your computer there are still no viruses for the Mac. This exploit could probably work on a Mac, but I doubt it. The redirect would work since it's just some HTML, but the rootkit wouldn't do a dang thing. Unless the exploit also allows administrator level access WITHOUT authentication it wouldn't be able to do anything system-wide without the user explicitly giving permission.
  • pcgeek101, on 12/03/2007, -20/+31Good thing I use Windows Vista Business WITHOUT Quicktime!!!

    Edit: VLC FTW
  • NSsoccer1, on 12/03/2007, -1/+11Can't wait for it to put all of those .exe files on my mac...they should run flawlessly.
  • bmartin, on 12/03/2007, -10/+19To the naysayers (read: Mac fanboys), the "fact" that an effect exploit doesn't exist means little in terms of vulnerability. You're just as vulnerable as Windows users. The odds of you being exploited are lessened because most of the world employs Windows executables for their computing needs.

    As obnoxious as Brantano's comment is, he has a point. As a Firefox user, I'd be vulnerable, too... except that Quicktime sucks and I use GStreamer.
  • Rupan, on 12/03/2007, -1/+10no, macs are just as vulnerable to security threats as Windows even Linux is. The difference is, Windows is much more compromised by these overflows in what they allow to happen afterwards and gain access to.
  • marchaos, on 12/03/2007, -4/+12Rodger, burying.
  • syowr, on 12/03/2007, -2/+10Neither. read the article.
  • pero69, on 12/03/2007, -4/+12dug down for use of booya.
  • KaiUno, on 12/03/2007, -1/+8Same, but for the poster being an elitist idiot.
    I like running software on my computer, not just the operating system. So I stick with Windows.

    Besides, Quicktime? Pig of a program if you ask me. Never realy worked flawlessly on Windows. I've steered clear of it for years.
  • CCB0x45, on 12/03/2007, -4/+11"Your just as vulnerable as windows users"
    No, you guys are missing the point, its not just due to obscurity that nothing exists, OS X is run at a user level. In an exploit, such as this, say they get through and run an app, they would still have to pop up an admin box somewhere asking you for your password. On XP the app can be run and install all behind the scenes. XP is a security nightmare. True unix user level security is what matters because it is designed to protect the OS from applications that may have security holes... be it third party or first party. If you download something, like a VLC client on OS X and it has a security exploit, apple can't help that of course, but they can make it run at a lower user level so that it isnt able to do any damage. Quicktime is an App, yes one that ships with the OS, but still an app, but he reason OS X is virus free isnt just obscurity(because im sure there are people out there that would take the time to write sites that attempted to install stuff on both windows and mac, if they could get stuff to install silently on mac without a user password.) its because its Unix.

    Quick point: you guys are the morons, this is why it only trys to install exes instead of exes and app bundles.

  • strictnein, on 12/03/2007, -1/+7This to me says you're nothing but a bland poster on Internet sites. How about you post the same exact comment one more time?
  • usingpond, on 12/03/2007, -2/+8You spelled "Roger" wrong.
  • TennisElbow, on 12/03/2007, -1/+7...but how would the .exe's that this exploit installs run on OS X?
  • bradleyland, on 12/03/2007, -0/+6The lesson here:

    * Don't form strong opinions based on what you read on Digg; try it out for yourself
  • zionKing, on 12/03/2007, -0/+6Here's to hoping this hole is patched asap
  • zionKing, on 12/03/2007, -8/+14Uh oh, one Mac vulnerability means Windows security == Macs security... or at least according to the impregnable logic of hateboys, correcto?
  • TennisElbow, on 12/03/2007, -2/+8Google is your friend. "Frank Casanova ... cited recent market research that indicated QuickTime is running nearly neck and neck with Windows Media Player. QuickTime currently has 36.8% of the market, while Windows has 38.2% of the market. Real Player is in third place with 24.9% of the market. However, Casanova contends that Real Player hasn't been growing in the market."
  • subgeniusd, on 12/03/2007, -1/+7So do I (like right now) but some of us still have XP systems on home LANs. QT trojan probably no big deal but a warning of future malware exploits don't you think? Complacency in the malware jungle is just asking for trouble.

  • mooninite, on 12/03/2007, -0/+6Your elegant and un-paralleled intelligence displayed in your comment leaves me breathless and hungry for more!
  • hydroplane, on 12/03/2007, -1/+6Like we needed another reason not to use quicktime.
  • BlackCow, on 12/03/2007, -1/+6You're an idiot...
  • X9001, on 12/03/2007, -0/+5porn
  • digitalpencil, on 12/03/2007, -2/+7Virus free.. yes, they are. The loader virus is an exe and the rootkit's an exe so i don't really give a ***** if QT downloads a virus that will sit there on my desktop, incapable of running.
  • coolbru, on 12/03/2007, -4/+8That says to me that you're nothing but a bland consumer of video, and wouldn't ever need to create or edit it. It's mostly impossible to do professional video work without using QT since it's the only format that handles it all.
  • FyberOptic, on 12/03/2007, -4/+8Perhaps you should check up on Apple's security track record when it comes to the software they've released on PC. Nobody targets Apple machines because they have a tiny unimportant marketshare. Once their software hits PC, however, it's a tempting target, and Apple has shown us time and time again that they're incapable of writing secure code. If Apple had a larger marketshare, OSX would be facing relentless adware, spyware, worms, etc from their poor security practices.
  • aznhomig, on 12/03/2007, -0/+4UAC is not a guarantee for protection. PC or Mac user differences aside, there's still stupid people out there that use computers and are willing to compromise their computer for some "free" porn: after installing a lot of ***** on your computer.
  • BlaenkDenum, on 12/03/2007, -2/+6I've been avoiding embedded QuickTime videos pretty much the whole year now because they always end up crashing my browser for some reason. I've had various updates and I've seen countless security risk warnings online about it but it's been over the span of this year so many times I have thought it has been fixed only to see QuickTime crash my FireFox. I had to stop using apple.com/trailers :(
  • pacman122, on 12/03/2007, -4/+8Does this effect both intel and ppc macs?
  • uvscwolverine, on 12/03/2007, -1/+5My Mac = not vulnerable to this particular attack.
  • inactive, on 12/03/2007, -2/+6The title is misleading and makes people think that hackers have actually used this "vulnerability" in some sort of atttack, but of course, these sort of reports are almost always reported by from a computer lab somewhere, most of a time by a security firm, in this case, Symantec. It's in Symantec's interest to report these sort of things because it makes people stampede to their nearest computer store to buy copies of their anti-virus software.

    Someone wake me up when an actual virus has infected someone's Mac.
  • usingpond, on 12/03/2007, -2/+6For all these people saying "SO NOW MACS HAVE VIRUSES" every goddamn month, have you ever seen or heard of one actually happening? Me neither. So shut the ***** up, the stories are all ***** fake and from companies who have something to gain by publishing it.

    Go back to tinkering with NORTON or whatever.
  • digitalpencil, on 12/03/2007, -1/+5erm.. how exactly does this affect *nix-based OS's?? the loader viruses are all .exe and the rootkit's an exe as well!
    Granted QT will download the viruses direct to any OS but doesn't my inability to run the app render this non-threatening to those of us using Linux/OSX?? I mean it's just going to sit there, on my desktop, being all harmless..
  • jchrome, on 12/03/2007, -1/+5Not sure why you're being Dugg down for that, does anyone actually still like Quicktime? It is pretty universally regarded as The Worst Format Ever. Personally I use "Quicktime Alternative" for sites that require it. I would suggest looking into it for anyone that hasn't already heard of it.
  • inobla, on 12/03/2007, -2/+6Mostly impossible to do professional video work without QT? You're nuts. I purchased QT pro a while back and have never been more disappointed by such a pile of crap before. I have plenty of more functional alternatives to choose from for video work.
  • syowr, on 12/03/2007, -3/+7read the article.. this is not an OS problem it does not matter what OS you use. This is an application issue.
    So no Brantano has NOT got a point he just has obnoxious.

  • uvscwolverine, on 12/03/2007, -1/+4Actually this targets Windows users. If you read the article you'll notice that it is installing Windows executables. Not to say that someone couldn't make use of this against Mac users, but these guys are only targeting Windows, and I don't know that this type of exploit would be possible on a Mac since some of what it wants to do would require elevation to Administrator which ALWAYS requires your password since this doesn't seem to allow user access elevation. Again I'm not saying it wouldn't work, but based on what I know about the way OS X works I don't think that this would be doable - I could easily be wrong though.
  • supersteve, on 12/03/2007, -2/+5how does this virus affect the mac? The file is an EXE file, last time I checked exe files can't run on macs.
  • jchrome, on 12/03/2007, -3/+6Wow, those are some sad statistics. WMP is so much better than Quicktime that those stats truly boggle the mind if true.
  • spyseetuna, on 12/03/2007, -0/+3I think coolbru is referring to apps like Final Cut Pro. http://www.apple.com/finalcutstudio/finalcutpro/
  • directive0, on 12/03/2007, -4/+7Maliciously downloads a set of .exe's eh? Uh, so essentially my lone mac computer is only affected if I decide to boot it into windows then. Scary stuff, I guess.
  • coolbru, on 12/03/2007, -0/+3No, but it may affect them.
  • Ultramagnus0001, on 12/03/2007, -0/+3Same here. I have Quicktime alternative instead.
    http://www.codecguide.com/
  • MacParrot, on 12/03/2007, -0/+3No it would still be do-able, but it would require the attackee to enter their admin password to execute some Mac compatible code. Macs are not invulnerable, it just requires a higher level of stupidity to do anything malicious. Vista now has the same type of security (not running as admin) so hopefully this won't affect their users either.
    No OS can compensate for user stupidity.
  • Fetching more discussions...
    Show 51 - 100 of 144 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...

© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.