Menu
Quicktime fix after hack expose

Quicktime fix after hack expose

Apple issued a patch on Tuesday to close the hole found by the winner of a recent hack-the-Mac contest.

Apple described the weakness as an implementation issue in Quicktime. “By enticing a user to visit a web page containing a maliciously crafted Java applet, an attacker can trigger the issue which may lead to arbitrary code execution,” Apple says in its description of the problem.

Apple credits Dino Dai Zovi, who won US$10,000 in a Mac hacking contest initiated at the CanSecWest security conference in Vancouver about two weeks ago, for reporting the flaw. The contest originally challenged conference attendees to break into a Mac that wasn’t running any programs. When no one managed to do so, the contest allowed participants to try to break in through the browser. Dai Zovi was the first to succeed.

Apple also credits 3Com's Tippingpoint division, which put up the $10,000 prize, and the Zero Day Initiative for help in reporting the issue.

Because the flaw lies in Quicktime, which is used by Microsoft’s Internet Explorer as well as Mozilla’s Firefox browsers, PC users are also vulnerable.


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags Applemozilla firefoxquicktime

Featured

Slideshows

A snapshot of the Kiwi partners set to shine at the Reseller News Awards

A snapshot of the Kiwi partners set to shine at the Reseller News Awards

With the 2017 Reseller News ICT Industry Awards only weeks away, Reseller News profiles the power line-up of partners set to dominate the biggest night on the channel calendar. ​Ranging from the enterprise, down through the mid-market and small business sectors into the heart of the start-up scene, the end result is the most diverse and wide-ranging partner line-up in the history of the Awards, playing host to the leading innovators of the past 12 months.​

A snapshot of the Kiwi partners set to shine at the Reseller News Awards
Show Comments