May 03 2007

Thomas gives us some Quick(time) updates

Published by at 8:23 am under Apple/Mac,Hacking,Security Advisories

This Quicktime bug has the potential to be a nasty, little cross-browser exploit.  If you haven’t already turned off Java in your browser, you should stop reading and do it now.  Even if you’ve updated to the latest and greatest Quicktime and Java patchs, you might want to leave Java off in your browser.  I’m running Firefox with Java off on both my main systems, and I’m running NoScript on my Mac Book Pro, soon to be installed on the Windows desktop.  Yes, no Java will interfere with some sites, but not as many as you’d think.

Thomas does an excellent job of explaining how this bug affects your system something close to plain English.  It’s more than a little bit scary that he can demonstrate how the bug in less than five lines of code.  If he can show it that quickly, I have to imagine it can’t be too hard for a talented coder to work up a more useful exploit for the vulnerability, if they haven’t already.  Making the exploit cross-platform will be a lot harder, but given a little bit of time, I’m pretty sure it will happen.

Technorati Tags: , , ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

2 responses so far

2 Responses to “Thomas gives us some Quick(time) updates”

  1. Thomas H. Ptacekon 03 May 2007 at 10:16 am

    I don’t understand; what makes you think that generating a cross-platform exploit will be a lot harder?

    The point of Dino’s finding is, it gives Java applets permission to read or write arbitrary bytes from raw memory. That’s much worse than any overflow vulnerability, where you have one shot to spill the right sequence of bytes over the right runtime data.

    This is a uniquely potent cross-platform vulnerability, and a uniquely easy one to build a cross-platform exploit for.

  2. Martinon 07 May 2007 at 10:49 am

    Maybe I should have worded it better. Exploiting the vulnerability won’t be that hard cross platform, creating an agent that takes advantage to compromise multiple platforms will be. It’s easy to DoS multiple platforms, but taking control of Mac and Windows systems with the same code requires a bit more complexity.

    Martin

Trackback URI | Comments RSS

Leave a Reply

%d bloggers like this: