Zero-day QuickTime flaw in the wild

Security researchers are warning of a flaw in Apple's media player that hackers could soon use to exploit systems running Windows XP and Vista.

A zero-day flaw identified in Apple's QuickTime media player could soon be the subject of in-the-wild attacks looking to target users running Microsoft Windows XP and Vista operating systems (OSs).

The bug, rated critical by security researcher Symantec, is known to affect QuickTime versions 7.2 and 7.3 (although it was not yet known if earlier versions are also affected), in addition to the player's handling of Real Time streaming protocol (RTSP) of audio and video files running on the Windows OSs.

But it had not been established whether Apple OS X versions of QuickTime also carried the flaw.

Symantec and the a href="http://www.us-cert.gov" target="_blank">US Computer Emergency Readiness Team (US-CERT) have issued alerts on the flaw, which say hackers can exploit it by writing streaming content designed to get unwary users to visit compromised or malicious sites or by getting them to click on a malicious link to a file with some extension read by default in QuickTime (e.g. .qtl, .mov or .gsm) sent in an email.

Successful exploits could allow hackers to install additional malware on the user's computer to make it part of a botnet or harvest passwords using spyware.

A Polish researcher, Krystian Kloskowski was credited by Symantec for first spotting the flaw, which was posted on the milw0rm.com website last Friday. Over the weekend another researcher, known as 'InTEL' had posted proof-of-concept examples of the vulnerability running QuickTime 7.2 or 7.4 on Windows XP with service pack 2 (SP2) and Vista systems.

Symantec also said in its security alerts blog that Firefox users are more susceptible to this attack because Firefox farms off the QuickTime or RTSP request directly to the QuickTime Player as a separate process outside of its control. As a result, it said "the current version of the exploit works perfectly against Firefox if users have chosen QuickTime as the default player for multimedia formats."

Featured Resources

Security analytics for your multi-cloud deployments

IBM Security QRadar SIEM solution brief

Download now

Five reasons to move to the cloud

Join the enterprises moving their workloads to the cloud

Download now

Architecting hybrid IT and edge for digital advantage

Why business leaders should consider a hybrid IT strategy

Download now

Six reasons to accelerate remote asset monitoring with AI

How to optimise resources, increase productivity, and grow profit margins with AI

Download now

Recommended

Lazarus APT hacking group is targeting the defense industry
Security

Lazarus APT hacking group is targeting the defense industry

26 Feb 2021
Microsoft open sources CodeQL queries used in Solorigate inquiry
Security

Microsoft open sources CodeQL queries used in Solorigate inquiry

26 Feb 2021
CISA warns of ongoing Accellion File Transfer Appliance attacks
hacking

CISA warns of ongoing Accellion File Transfer Appliance attacks

25 Feb 2021
What is a Trojan?
Security

What is a Trojan?

25 Feb 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021
How to connect one, two or more monitors to your laptop
Laptops

How to connect one, two or more monitors to your laptop

25 Feb 2021
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

26 Feb 2021