Skip to Content

Posts under tag: QuickTime

August 30, 2010

Old Apple QuickTime code puts IE users in harm’s way

Apple’s failure to clean up old code in QuickTime leaves people running Internet Explorer vulnerable to drive-by attacks, a Spanish security researcher said today.

Ruben Santamarta, a researcher at Madrid-based Wintercore who revealed a bug in IE8 last month, today outlined the QuickTime plug-in vulnerability.

Hackers only need to dupe users into visiting a malicious site hosting exploit code, said Santamarta, who added that his attack code works when someone browses with IE on a machine running Windows XP, Vista or Windows 7 that has QuickTime 7.x or the older QuickTime 6.x installed. (more…)