QuickTime flaw adds to Apple's woes

QuickTime flaw adds to Apple's woes


Exploit especially dangerous for Firefox users

Apple has been presented with yet another security headache by an independent researcher.

Krystian Kloskowski has posted a proof-of-concept exploit for a vulnerability in Apple's QuickTime multimedia software.

The researcher said that a successful attack could enable the remote execution of malicious code.

The exploit targets a flaw in the way QuickTime handles information for streaming media files.

Malformed data could be hidden within a streaming media file to trigger a buffer overflow error, which could allow the attacker to access the system with the privileges of the current user.

Even an unsuccessful attack could crash the QuickTime player, according to Kloskowski.

The exploit exists only as a proof-of-concept sample to verify the existence of the flaw. There have been no reports of any attacks targeting the vulnerability.

Many users will be comforted to know that their choice of browser could prevent the attack. Researchers at Symantec have found that Internet Explorer 6 and 7 do not allow the exploit to run.

The latest beta of Safari for Windows is also protected, but Mozilla's Firefox browser remains vulnerable to the attack.

"Firefox users are more susceptible because Firefox farms off the request directly to the QuickTime player as a separate process outside its control," says Symantec researcher Elia Florio.

"As a result, the current version of the exploit works perfectly against Firefox if users have chosen QuickTime as the default player for multimedia formats."

Florio warned that attackers may adjust the exploit to work in other browsers, and advised users to adjust their firewalls to block outbound traffic from TCP 554 and avoid following untrusted links.

This latest vulnerability comes at a difficult time for Apple on the security front. Researchers blasted the company earlier this month for shortcomings in the firewall on the new MacOS X Leopard operating system.

Apple issued a fix, but a few days later researchers found that the company had left open a flaw in Leopard's Mail application that had been previously patched.

Meanwhile, a Trojan targeting Mac users has continued to flourish on fake codec sites.