Thanks all for writing in, we've been patching ourselves.
Quicktime's update for the vulnerability discovered at CanSecWest came out today. Yes, this is the now-infamous Java/Quicktime/Browser vulnerability that Dino Dai Zovi discovered during the "pwn-2-own" contest, that TippingPoint bought for 10,000 dollars for their Zero-Day initiative. This was initially covered by Deb Hale back in this diary.
If you have been following the blog over at Matasano Chargen where Thomas Ptacek has been doing a great job covering it on the Matasano blog: http://www.matasano.com/log/
(This is one of those blogs that you should put in your rss reader if you have one)
Apple's writeup on this says:
Time to update! 12 days to put out an update for Apple. Not too bad.
(Yes, I am an Apple Fanboy)
May 2nd 2007
1 decade ago