NEWS FROM THE LAB - Tuesday, November 27, 2007

New Vulnerability in QuickTime
Posted by Patrik @ 04:04 GMT

Not very long ago we posted about fixed vulnerabilities in QuickTime. Now another vulnerability has been discovered, this time in the way QuickTime handles the RTSP Content-Type header. RTSP is a protocol used to stream media. Unfortunately there's public exploit code available and no patch yet from Apple.

The team over at US-CERT has posted some workarounds, such as disabling the QuickTime ActiveX Controls and blocking RTSP. If you make the registry changes, be sure to revert them once you have installed the coming patch, or else you won't be able to view any streaming QuickTime media.
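Where RTSP cannot simply be blocked, a proxy or network monitor can at least sanity-check the Content-Type header of RTSP responses. The sketch below is an added example, not code from this post or from US-CERT. The post does not say how the header is mishandled, so the checks are generic, and the 128-byte limit and the media-type pattern are assumed policy values.

```python
import re

# Assumed policy values for this example; not taken from the post or any advisory.
MAX_CONTENT_TYPE_LEN = 128
TOKEN = r"[A-Za-z0-9!#$%&'*+.^_`|~-]+"
# type "/" subtype, optionally followed by ;name=value parameters
MEDIA_TYPE = re.compile(rf'^{TOKEN}/{TOKEN}(\s*;\s*{TOKEN}=(?:{TOKEN}|"[^"]*"))*$')


def parse_rtsp_response(raw: bytes):
    """Split an RTSP response into (status_line, headers); duplicates are kept."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    if not lines[0].startswith("RTSP/"):
        raise ValueError("not an RTSP response")
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers


def content_type_findings(raw: bytes):
    """Return the reasons, if any, why the Content-Type header(s) look abnormal."""
    _, headers = parse_rtsp_response(raw)
    values = [v for n, v in headers if n == "content-type"]
    findings = []
    if len(values) > 1:
        findings.append("multiple Content-Type headers")
    for v in values:
        if len(v) > MAX_CONTENT_TYPE_LEN:
            findings.append(f"Content-Type is {len(v)} bytes (limit {MAX_CONTENT_TYPE_LEN})")
        if any(ord(c) < 0x20 or ord(c) > 0x7E for c in v):
            findings.append("Content-Type contains non-printable or non-ASCII bytes")
        elif not MEDIA_TYPE.match(v):
            findings.append("Content-Type is not a well-formed media type")
    return findings


# Constructed sample responses (not captured traffic).
NORMAL = (b"RTSP/1.0 200 OK\r\nCSeq: 2\r\nContent-Type: application/sdp\r\n"
          b"Content-Length: 4\r\n\r\nv=0\n")
ODD = (b"RTSP/1.0 200 OK\r\nCSeq: 2\r\nContent-Type: " + b"x" * 400 +
       b"\r\nContent-Length: 0\r\n\r\n")

if __name__ == "__main__":
    for name, sample in (("normal", NORMAL), ("odd", ODD)):
        print(name, content_type_findings(sample))
```
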

Additional Notes: Symantec has some excellent analysis located here. They found that this exploit crashes the ActiveX Control in IE. Firefox, on the other hand, may pass the QuickTime request directly to the QuickTime player, depending on configuration. Firefox users may therefore be more vulnerable, not because of the browser itself, but because Firefox will deliver the exploit directly to the platform where it works best.

Also, while this exploit allows remote code execution and is potentially quite severe, it's not yet being used in the wild. There is, however, a very good chance of that changing, as QuickTime is one of a growing number of popular third-party applications targeted by the bad guys.