$10,000 Mac Hack Affects Windows Too

Posted: April 25, 2007 in Technology

Terri Forslof, manager of security response at 3Com’s TippingPoint division, which rewarded $10,000 to security researcher Dino Dai Zovi after finding a flaw for Apple’s Safari browser in last week’s CanSecWest security conference, has disclosed that the vulnerability actually lies in the way Apple’s QuickTime Media Player works with the Java programming language. QuickTime runs on both Windows and the Mac, meaning both operating systems can be attacked.

The bug “is the equivalent to a ‘click and you’re owned’ vulnerability,” said Forslof. Because the flaw has not been publicly disclosed, it is not considered to be a significant threat to QuickTime users. Dai Zovi, who lives in New York, used a URL to expose the hole. He said he has reported at least eight security vulnerabilities to Apple and has had “nothing but positive interactions” with the company.

Source: PC World

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s