Researchers Find Yet Another Vulnerability in Quicktime - What a Surprise

Security researchers recently agreed to release undisclosed vulnerabilities in Apple and/or Mac products on a daily basis for the entire month of January. I never liked Apple’s products for the simple fact that they report home. Itunes makes you convert your MP3’s to lower quality, and who knows what information is being relayed back to apple. The most recent vulnerability found was in the famous movie player, Quicktime.

The only real way to avoid the vulnerability at this point is to:

1: Uninstall Quicktime (recommended) 2: Uninstall Quicktime 3: Avoid playing Quicktime movies from unknown or non trustworthy sources, including emails from friends & co workers. A lot of malware immediately sends itself to everyone in contact lists, so beware! 4: Did I mention uninstall Quicktime? 5: If you have to leave Quicktime installed, be sure to disable RTSP URL processing until Apple releases a patch.

I’m not sure if the program, or the movie engine itself is vulnerable, but if you perform a google search, there are several alternative which will allow you to play Quicktime movies WITHOUT installing Quicktime. US CERT has already reported a proof on concept does exist, which means this exploit is being taken advantage of. If you think you’re a victim, backup your critical data (images, mp3s, documents, NOT executables), and reinstall windows. You may think I’m kidding, but the folks at 2600 would agree with me.

Malware and Adware have come to the point where detection can be nearly impossible. Programmers can and have developed ways to hide the malicious processes, remove any indication of network traffic, and even encrypt the file & all traffic being sent to and from the client & server. If we’re fortunate enough, I’ll ask my buddy to write up an article detailing how he and a couple co-workers disassembled one of these encrypted buggers, followed through the 16 encrypted IRC networks, and eventually shocked the hell out of the botmaster himself – similar to the way Steve Gibson did, but this particular bot was way trickier.

**note: This vulnerability effects not only Mac OS X, but Windows as well! Once again, uninstall Quicktime, it’s useless.

Stay tuned for more information regarding these vulnerabilities.