The Month of Apple Bugs website’s first vulnerability posting was "Apple Quicktime rtsp URL Handler Stack-based Buffer Overflow" — an attacker could overflow a stack-based buffer, using HTML, JavaScript or a QTL file as the attack vector, leading to an exploitable remote arbitrary code execution condition.
SOLUTION AT THAT TIME: "The only potential workaround would be to disable the rtsp:// URL handler, uninstalling Quicktime or simply live with the feeling of being a potential target for pwnage."
Secunia recently tested Apple’s QuickTime 7.1.3 update and found that the fix was implemented only in the Macintosh version of QuickTime and NOT in the version released for Microsoft Windows (even though Apple’s version numbers and patches are identical).
YOUR SOLUTION TODAY?: Disable QuickTime’s rtsp:// URL handler
- From the Windows Control Panel, <Double-Click> QuickTime
- <Click> on the File Types tab
- <Click> Streaming – Streaming Movies
- <Uncheck Box> RTSP stream descriptor
- <Click> OK
- Wait until Apple fixes the problem
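
To confirm the result of the steps above on a workstation, the following PowerShell check reports which program, if any, is still registered for rtsp:// URLs. It is an added example, not part of the original post or of Apple's guidance. It assumes the handler is registered the standard Windows way (under `Software\Classes\rtsp`) and that a QuickTime handler has "QuickTime" in its command path; whether the control-panel checkbox removes this registration is not confirmed by the post, so the script only reports what it finds.

```powershell
# Added example: report which program, if any, is registered for rtsp:// URLs.
# Assumption: the handler is registered the standard Windows way, under
# Software\Classes\rtsp\shell\open\command (per-machine or per-user).
function Get-RtspHandler {
    $roots = @(
        'Registry::HKEY_LOCAL_MACHINE\Software\Classes',
        'Registry::HKEY_CURRENT_USER\Software\Classes'
    )
    foreach ($root in $roots) {
        $schemeKey  = "$root\rtsp"
        $commandKey = "$schemeKey\shell\open\command"

        $command = $null
        if (Test-Path -LiteralPath $commandKey) {
            # The key's default value holds the command line launched for the URL.
            $command = (Get-Item -LiteralPath $commandKey).GetValue('')
        }

        $isUrlProtocol = $false
        if (Test-Path -LiteralPath $schemeKey) {
            # Windows treats a scheme as a URL handler only if "URL Protocol" exists.
            $names = (Get-Item -LiteralPath $schemeKey).GetValueNames()
            $isUrlProtocol = $names -contains 'URL Protocol'
        }

        [pscustomobject]@{
            Computer      = $env:COMPUTERNAME
            Hive          = $root -replace '^Registry::', ''
            IsUrlProtocol = $isUrlProtocol
            Command       = $command
            # Assumption: a QuickTime handler has "QuickTime" in its command path.
            IsQuickTime   = [bool]($command -match 'QuickTime')
        }
    }
}

Get-RtspHandler | Format-Table -AutoSize -Wrap
```

A row with `IsQuickTime` set to `True` means rtsp:// links on that machine are still handed to QuickTime.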
Wow. Interesting. This is one I didn’t know about. Forgetting for a moment the whole "Windows/Mac competitive" thing, this looks to actually be a serious security concern for all folks responsible for corporate workstations.
I’m commenting on this on my site. This is something all desktop IT administrators need to be aware of because this intrusion method should be very, very easy to implement on any random web page or any piece of SPAM.
Very nice catch, Blake.