Zero-day exploit for QuickTime in the wild
The Unofficial Apple Weblog (TUAW) —
A hacker who found a vulnerability in QuickTime said he posted the attack code online after Apple ignored him for a month.
The code exploits a flaw in QuickTime that causes a crash when an unusually long parameter is passed along with a movie file. While it's not demonstrated, the hacker claims that "code execution may be possible."
With Leopard, address space randomization makes it more difficult to execute code in memory spaces left after a crash. Earlier operating systems (like Tiger and ...
‘Macsimum Recommended Reading’ for Sept. 18
Macsimum News —
... “Zero-Day Exploit Code For Apple iTunes, QuickTime Posted: The vulnerability in Apple’s newly patched software is said to crash any browser with the QuickTime plug-in.” — InformationWeek “Apple to show off Aperture and Final Cut Studio in Manchester: Beginning in Manchester on October 7, Apple will take Aperture 2—the company’s photo editing and management software—and the Final Cut Studio video post production suite on tour around Europe from the UK to Finland. Apple is offering a series of free, in-depth seminars that feature demonstrations of the software” — ...
Daily Apple: iPhone Development, QuickTime Vulnerability, Turtlenecks, & Android
TheAppleBlog —
... Zero-Day Exploit Code For QuickTime Posted - Supposedly Apple has ignored a submitted vulnerability and in turn the person who found the vulnerability has published it online. ...

