• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Apple Patches Year-Old Windows QuickTime Vulnerability

malware

New Member
Joined
Nov 7, 2004
Messages
5,422 (0.77/day)
Location
Bulgaria
Processor Intel Core 2 Quad Q6600 G0 VID: 1.2125
Motherboard GIGABYTE GA-P35-DS3P rev.2.0
Cooling Thermalright Ultra-120 eXtreme + Noctua NF-S12 Fan
Memory 4x1 GB PQI DDR2 PC2-6400
Video Card(s) Colorful iGame Radeon HD 4890 1 GB GDDR5
Storage 2x 500 GB Seagate Barracuda 7200.11 32 MB RAID0
Display(s) BenQ G2400W 24-inch WideScreen LCD
Case Cooler Master COSMOS RC-1000 (sold), Cooler Master HAF-932 (delivered)
Audio Device(s) Creative X-Fi XtremeMusic + Logitech Z-5500 Digital THX
Power Supply Chieftec CFT-1000G-DF 1kW
Software Laptop: Lenovo 3000 N200 C2DT2310/3GB/120GB/GF7300/15.4"/Razer
Apple has taken another swing at fixing a troublesome spate of QuickTime vulnerabilities. The company released an update for the Windows version of QuickTime media player on Wednesday afternoon to patch what Apple calls a "command injection issue" in the way the media player handles URLs. The flaw, which affects Windows XP and Windows Vista, was first disclosed in September of 2006 by Petko D. Petkov, a penetration tester. Petkov noted in a blog post this September that he reported two QuickTime bugs in the early fall of 2006. Only one, however, was patched. To bring attention to the year-old vulnerability, Petkov posted several proof-of-concept exploits on his blog last month. The issue does not affect computers running Mac OS X, according to Apple.

View at TechPowerUp Main Site
 

Casheti

New Member
Joined
May 3, 2006
Messages
4,421 (0.68/day)
The vulnerability is there yes but let's think about this in real world terms, how many people running quicktime are actually going to be invaded/exploited using this method? I'm sure hackers or whatever have far better methods than this.
 

malware

New Member
Joined
Nov 7, 2004
Messages
5,422 (0.77/day)
Location
Bulgaria
Processor Intel Core 2 Quad Q6600 G0 VID: 1.2125
Motherboard GIGABYTE GA-P35-DS3P rev.2.0
Cooling Thermalright Ultra-120 eXtreme + Noctua NF-S12 Fan
Memory 4x1 GB PQI DDR2 PC2-6400
Video Card(s) Colorful iGame Radeon HD 4890 1 GB GDDR5
Storage 2x 500 GB Seagate Barracuda 7200.11 32 MB RAID0
Display(s) BenQ G2400W 24-inch WideScreen LCD
Case Cooler Master COSMOS RC-1000 (sold), Cooler Master HAF-932 (delivered)
Audio Device(s) Creative X-Fi XtremeMusic + Logitech Z-5500 Digital THX
Power Supply Chieftec CFT-1000G-DF 1kW
Software Laptop: Lenovo 3000 N200 C2DT2310/3GB/120GB/GF7300/15.4"/Razer
The vulnerability is there yes but let's think about this in real world terms, how many people running quicktime are actually going to be invaded/exploited using this method? I'm sure hackers or whatever have far better methods than this.

Yes, but leaving world-wide known vulnerability in your own software code for a year, does not speak well for you either. ;)
 
Joined
Feb 19, 2006
Messages
6,270 (0.95/day)
Location
New York
Processor INTEL CORE I9-9900K @ 5Ghz all core 4.7Ghz Cache @1.305 volts
Motherboard ASUS PRIME Z390-P ATX
Cooling CORSAIR HYDRO H150I PRO RGB 360MM 6x120mm fans push pull
Memory CRUCIAL BALLISTIX 3000Mhz 4x8 32gb @ 4000Mhz
Video Card(s) EVGA GEFORECE RTX 2080 SUPER XC HYBRID GAMING
Storage ADATA XPG SX8200 Pro 1TB 3D NAND NVMe,Intel 660p 1TB m.2 ,1TB WD Blue 3D NAND,500GB WD Blue 3D NAND,
Display(s) 50" Sharp Roku TV 8ms responce time and Philips 75Hz 328E9QJAB 32" curved
Case BLACK LIAN LI O11 DYNAMIC XL FULL-TOWER GAMING CASE,
Power Supply 1600 Watt
Software Windows 10
Yes, but leaving world-wide known vulnerability in your own software code for a year, does not speak well for you either. ;)

that app is utter crap anyways and so is its publisher!:nutkick:>apple
 
Joined
May 24, 2007
Messages
5,401 (0.88/day)
Location
Tennessee
System Name AM5
Processor AMD Ryzen R9 7950X
Motherboard Asrock X670E Taichi
Cooling EK AIO Basic 360
Memory Corsair Vengeance DDR5 5600 64 Gb - XMP1 Profile
Video Card(s) AMD Reference 7900 XTX 24 Gb
Storage Samsung Gen 4 980 1 TB / Samsung 8TB SSD
Display(s) Samsung 34" 240hz 4K
Case Fractal Define R7
Power Supply Seasonic PRIME PX-1300, 1300W 80+ Platinum, Full Modular
Now if Microsoft would only fix their vulnerablity issues on the Mac with MS Office... ;)
 

Helvetica

New Member
Joined
Sep 13, 2007
Messages
159 (0.03/day)
Processor Intel Core 2 Quad Q6600 Kentsfield 2.4GHz
Motherboard ASUS P5K-E/WIFI-AP
Memory 2GB DDR2 800mhz
Video Card(s) HD2900XT
Storage WD 10,000RPM
Display(s) 1920x1200
Audio Device(s) Creative
Power Supply 700w
how about they dump quicktime? the thing is absolute trash. It's clogged up every rig I've ever owned.
 

WarEagleAU

Bird of Prey
Joined
Jul 9, 2006
Messages
10,812 (1.67/day)
Location
Gurley, AL
System Name Pandemic 2020
Processor AMD Ryzen 5 "Gen 2" 2600X
Motherboard AsRock X470 Killer Promontory
Cooling CoolerMaster 240 RGB Master Cooler (Newegg Eggxpert)
Memory 32 GB Geil EVO Portenza DDR4 3200 MHz
Video Card(s) ASUS Radeon RX 580 DirectX 12 DUAL-RX580-O8G 8GB 256-Bit GDDR5 HDCP Ready CrossFireX Support Video C
Storage WD 250 M.2, Corsair P500 M.2, OCZ Trion 500, WD Black 1TB, Assorted others.
Display(s) ASUS MG24UQ Gaming Monitor - 23.6" 4K UHD (3840x2160) , IPS, Adaptive Sync, DisplayWidget
Case Fractal Define R6 C
Audio Device(s) Realtek 5.1 Onboard
Power Supply Corsair RMX 850 Platinum PSU (Newegg Eggxpert)
Mouse Razer Death Adder
Keyboard Corsair K95 Mechanical & Corsair K65 Wired, Wireless, Bluetooth)
Software Windows 10 Pro x64
I agree Casheti. I hardly use quicktime unless the thing I am viewing requires it.

I think the files play beautifully and look wow like, but honestly, its a hog and it sucks.
 
Top