Mac QuickTime exploit emerges
Metasploit module works on Tiger and Leopard; no patch yet from Apple
Computerworld - Hackers now have sample attack code for the newest QuickTime vulnerability that can hijack Macs, including machines running the latest flavor of Mac OS X, Leopard, security researchers warned today.
The news came just days after a bug in QuickTime's handling of the Real Time Streaming Protocol (RTSP), a audio/video-streaming standard, was disclosed on the milw0rm.com Web site. Proof-of-concept exploit code that worked against Windows XP SP2 and Windows Vista followed shortly after.
But even though analysts confirmed on Monday that Mac OS X versions of QuickTime 7.2 and later are also vulnerable, it took several more days for other researchers to craft a reliable exploit.
Today, Symantec Corp. warned its DeepSight customers that a Metasploit exploit module had been released. "This particular exploit can cause remote code execution through the QuickTime RTSP protocol vulnerability on Microsoft Windows and Apple systems," Symantec said in the alert note. "This is the first working exploit for Apple systems that we have observed."
Metasploit, an exploit testing framework created by noted security researcher and hacker HD Moore, has been dubbed a tripwire of sorts by Symantec in the past. "Once we see something in Metasploit, we know it's likely we'll see it used in attacks," Alfred Huger, vice president of engineering with Symantec's security response group, said in July.
According to the proof-of-concept, the Metasploit module works on Intel- and PowerPC-based Macs running either Mac OS X 10.4 (Tiger) or 10.5 (Leopard). It also executes on PCs running Windows XP SP2.
Symantec urged users to disable Apple QuickTime as an RTSP protocol handler and filter outbound traffic over the most common (but not the only available) posts used by RTSP, which include TCP port 554 and UDP ports 6970-6999.
Apple has not yet issued a fix for QuickTime RTSP bug, but when it does, the update will be the media player's seventh security-related fix this year.
The company has not responded to multiple e-mails requesting comment on the vulnerability.
Read more about Security in Computerworld's Security Topic Center.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Neustar 2014 DDoS Attacks and Impact Report For the third consecutive year, Neustar surveyed hundreds of companies on distributed denial of service (DDoS) attacks. The survey reveals evidence that the...
- Acxiom Case Study This case study, which focuses on Acxiom, explores how the company was able to secure employee data, reduce migration costs and boost productivity...
- Windows® XP Migration: Protect and Secure Critical Data With the end of the Microsoft Windows XP operating system's lifecycle on April 8, 2014, businesses are faced with the decision to migrate...
- Enhancing Application Protection and Recovery with a Modern Approach to Snapshot Management This CommVault Business Value and Technology White Paper explains how Simpana IntelliSnap® Recovery Manager can make your application recovery fast and reliable.
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts