Macs and PCs Vulnerable to QuickTime Hack

The QuickTime flaw was publicized as part of the Month of Apple Bugs project, a joint effort of Kevin Finisterre, a self-taught security entrepreneur, and a hacker known only as LMH. The Month of Apple Bugs project follows the Month of Browser Bugs and Month of Kernel Bugs, both of which sought to highlight common hacks and other problems by releasing the details of one vulnerability a day over the course of a full month.

 

A vulnerability identified as part of the Month of Apple Bugs project is making its way around the Internet today -- at least in dozens of press reports highlighting it, if not on users' machines.

The bug, a flaw in Apple's QuickTime movie player, reportedly lets hackers exploit QuickTime's Real Time Streaming (RTS) protocol to cause a buffer overflow. A buffer overflow is simply a problem that occurs when a program, such as QuickTime, attempts to store too much data in the space allotted for it, and can give hackers complete control over a computer.