
SANS ISC: InfoSec Handlers Diary Blog



Fix for quicktime arbitrary code execution

Published: 2007-01-23
Last Updated: 2007-01-24 17:01:15 UTC
by William Stearns (Version: 4)
Apple has provided a fix for a buffer overflow vulnerability in RTSP URLs. The fix is available for: "QuickTime 7.1.3 on Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.8, Mac OS X Server v10.4.8, Windows XP/2000".

For Windows users: The patch is only provided for OS X. As a Windows user, your best bet is to uninstall QuickTime and, if you still need it, download the newest version from Apple later. You can find it by clicking the "Quicktime" tab on Apple's home page (www.apple.com) and following the download links. It's not clear whether the version that is available right now is vulnerable, but it does not appear to have been updated recently. However, take a look at the instructions below, submitted by a user!

Many thanks to Juha-Matti for bringing this up.
    
Reader Chris writes in to give us these steps:
- Install Apple Software Update from the QuickTime package if you haven't already
- Start Apple Software Update - Update to ASU 1.0.2
- Check or uncheck the updates you want
- Select "Download Only" from the Tools menu
- Select "Open Downloaded Updates Folder" from the Tools menu


We have heard from several readers.  One reader had a problem, but it seems all the rest that provided feedback had 0 problems.  So, follow the instructions provided above. -- Joel Esler