When a user visits such a site, the toolkit checks to see which if the browser plug-ins may still be vulnerable to know security flaws, serves up an exploit for the first one it finds, and then silently uses that exploit to install malicious software on the visitor's PC.Īccording to Microsoft's most recent " Security Intelligence Report," a QuickTime flaw was the third- and fourth-most-attacked Web browser vulnerability for Windows XP and Windows Vista systems, respectively, during the first half of 2008 (See chart pulled from the report). These are software kits that attackers typically stitch into the fabric of hacked Web sites. Because it is so widely installed (and probably so infrequently updated), QuickTime has drawn the attention of hackers who write and sell automated exploit toolkits. It's important for QuickTime users (particularly Windows users) not to let too much grass grow under their feet before applying this update. All seven are serious enough that Apple says they could be used to run software of the attacker's choice on a vulnerable system simply by convincing the user to view a specially-crafted movie or streaming media file. This release fixes at least seven security vulnerabilities. The new version, QuickTime 7.6, is available for both Mac and Windows systems. Apple today released a security update for its QuickTime media player.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |