Posts under tag: QuickTime
Apple’s failure to clean up old code in QuickTime leaves people running Internet Explorer vulnerable to drive-by attacks, a Spanish security researcher said today.
Ruben Santamarta, a researcher at Madrid-based Wintercore who revealed a bug in IE8 last month, today outlined the QuickTime plug-in vulnerability.
Hackers only need to dupe users into visiting a malicious site hosting exploit code, said Santamarta, who added that his attack code works when someone browses with IE on a machine running Windows XP, Vista or Windows 7 that has QuickTime 7.x or the older QuickTime 6.x installed. (more…)