iTWire - Confirmed: QuickTime/Java flaw does affect Windows

Confirmed: QuickTime/Java flaw does affect Windows

by Stephen Withers
Thursday, 26 April 2007
! The QuickTime/Java vulnerability that earned Dino Dai Zovi a $10,000 prize in a Mac hacking contest at the CanSecWest security conference also affects Windows, Tipping Point officials have confirmed. "We have now verified that this issue affects both Windows and Mac operating systems, including Windows Vista through Internet Explorer," said Terri Forslof, manager of security response at TippingPoint. Originally thought to be a Safari flaw, it was later revealed that the vulnerability was seated in the interaction between Java and QuickTime, and affected other Mac browsers such as Firefox. "We strongly believe at this point that any Java-enabled browser that has the vulnerable QuickTime Java extension installed is affected by this issue," added Forslof. Until Apple releases an update, computers may be protected by disabling Java support in every browser used on the system. TippingPoint, a 3Com division, put up the $10,000 prize. The competition rules were relaxed to allow attacks via malicious web pages when nobody came up with an exploit that could take over a Mac that was merely sitting on a network.{moscomment} Please enable JavaScript in your browser to post your comment! Tags See All Tags Apple Browsers Internet Macintosh Malware Microsoft Security Software Stephen Withers Vista Windows Get stories like this delivered daily - FREE - subscribe now

< Next story in category		Previous story in the category >

Tags See All Tags