Apple’s QuickTime for Windows player contains a security flaw that puts users at
risk of computer hijack, the computer maker said in an advisory.
Apple’s monthly security update for October includes a fix for the
QuickTime vulnerability, which researchers say could lead to buffer overflow attacks in HTML
environments.
According to the advisory, an attacker could execute arbitrary code on a user’s system
via specially crafted HTML documents.
“A sign extension of an overflowed small integer
can result in a very large number being passed to a memory move function. The fix prevents
the small integer from overflowing,” Apple said, noting that this bug only affects Windows
systems.
A separate heap buffer overflow was also patched to correct the way the player
handles the decoding of BMP images. This flaw affects Mac OS X users and was previously
fixed in Apple’s September security update.
Research firm Secunia rates the QuickTime issue as “highly critical” and urged users to
update to version 6.5.2.
The October advisory
also corrects a vulnerability in Apple Remote Desktop, which can be exploited by malicious
users to gain root access on a vulnerable system.
Apple said the bug allows a user under certain circumstances during the login process to
launch applications behind the login window with root privileges. Successful exploitation
requires that the user has a valid account, has been granted “Open and quit applications”
privileges, and that fast user switching is enabled.
Apple Remote Desktop users are urged to upgrade to
version 2.1
or apply Security Update 2004-10-27 for version 1.x.
