QuickTime Zero-Day Hits Windows XP, Vista

 
 
By Ryan Naraine  |  Posted 2008-04-22 Email Print this article Print
 
 
 
 
 
 
 

Security researcher Petko D. Petkov (aka pdp) has discovered a gaping hole in fully patched versions of Apple's QuickTime for Windows Media Player.

The zero-day vulnerability allows an attacker to use rigged movie (.mov) files to take full control of Windows XP and Vista machines.

Petkov (left), an ethical hacker from the GNUCitizen think-tank, provided me with a video showing the attack in action.

QuickTime Zero-Day Hits Windows XP, Vista

In the first scenario, Petkov simply clicked on a "test.mov" file from a Windows XP desktop. Within seconds of the file loading in QuickTime, he was able to launch the Microsoft Paint and Calculator applications on the compromised machine.

On a fully patched Windows Vista box, the exploit worked like a charm, giving Petkov full control of the computer.

Because of vulnerability disclosure complications linked to the controversial Computer Misuse Act in the United Kingdom, Petkov is not sure yet how he will disclose the issue to Apple.

"I am experimenting with various ways of disclusure," he said in an interview via IM. For this vulnerability, Petkov said he will use vulnerability brokers at VeriSign's iDefense and TippingPoint's Zero Day Initiative to report the issue to Apple.

 
 
 
 
del.icio.us | digg.com
 
 
 
 
 
 

Submit a Comment

Loading Comments...

 
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel