Users should also be aware that publicly available software to exploit this issue is currently available and has already been detected on some malicious web sites. Since iTunes makes use of QuickTime components, it is also affected. It is reported that QuickTime versions 4.0 through 7.3 are known to be vulnerable on all supported Mac and Windows platforms. The user would most likely not detect the execution of the attacker’s software. This issue may allow a remote attacker to execute software on an unsuspecting user’s computer. RTSP allows users to view multimedia content (e.g., videos, music, etc.) that is hosted on another server. Apple QuickTime currently has a significant security issue within its Real Time Streaming Protocol (RTSP) capability. Users of QuickTime are advised to only access QuickTime files from known, trusted sources until a fix is available from Apple. QuickTime and iTune users should upgrade at their earliest convenience. The new version supports Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Mac OS X v10.5 or later, Windows Vista, and Windows XP SP2. A fixed version of Apple QuickTime is now available, 7.3.1, that resolves the RTSP vulnerability described below.
0 kommentar(er)
