{"id":67,"date":"2007-11-27T12:14:42","date_gmt":"2007-11-27T10:14:42","guid":{"rendered":"http:\/\/blog.intego.com\/2007\/11\/27\/quicktime-streaming-flaw-threatens-mac-and-windows\/"},"modified":"2007-11-27T12:14:42","modified_gmt":"2007-11-27T10:14:42","slug":"quicktime-streaming-flaw-threatens-mac-and-windows","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/quicktime-streaming-flaw-threatens-mac-and-windows\/","title":{"rendered":"QuickTime Streaming Flaw Threatens Mac and Windows"},"content":{"rendered":"

QuickTime has another weakness. A recently reported<\/a> flaw in Apple’s QuickTime software puts Mac and Windows users at risk of exploits that use RSTP (Real Time Streaming Protocol) URLs. Users clicking on streaming links may open their systems up to arbitrary code execution; that’s security-speak for bad code and bad mojo. For now, a proof-of-concept malware is circulating for Windows (this site explains in detail how this functions<\/a>), and nothing has been seen for Mac. But, as we have seen an alarming number of Mac-targeted exploits recently, it’s highly likely that a similar malware comes to light to attack Macs. Note that while some initial reports suggested that this vulnerability is only in QuickTime 7.3, CERT’s limited testing shows that “shown QuickTime versions 4.0 through 7.3 are vulnerable on all supported Mac and Windows platforms.” <\/p>\n

The best protection, until Apple releases a security update, is to use a firewall, such as Intego NetBarrier<\/a>, to block ports used by the RTSP protocol: 554 TCP and UDP, 7070 TCP and UDP, and 8554 TCP and UDP. It’s best to avoid clicking on any streaming links, but these are not always indicated as such on web pages. <\/p>\n","protected":false},"excerpt":{"rendered":"

QuickTime has another weakness. A recently reported flaw in Apple’s QuickTime software puts Mac and Windows users at risk of exploits that use RSTP (Real Time Streaming Protocol) URLs. Users clicking on streaming links may open their systems up to arbitrary code execution; that’s security-speak for bad code and bad mojo. For now, a proof-of-concept […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[7,13],"tags":[],"yoast_head":"\n\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\t\n