The whole QuickTime/My ace security hole that was discu ed this week on TUAW has given rise to a general concern about QuickTime's vulnerabilities. The QuickTime bug a arently allowed a worm to infect My ace user profiles and redirected traffic to a phishing site, where pa words were harvested.
An Information Week article suggests the security flaw could extend well beyond My ace to both Mac and Windows users. The problem seems to stem from QuickTime's JavaScript su ort and a bug that allows malicious JavaScript code to affect browsers. The article states that although A le has provided an Internet Explorer patch, it has yet to i ue a general QuickTime fix acro all platforms.
No comments:
Post a Comment