Unpatchable buffer overflows in browser plugins are quite common these days. After the PDF vulnerability, it is the QuickTime RTSP protocol that is vulnerable. Launching a stream is enough to get compromised. The PDF vulnerability was used in a massive spam attack. This time, I wonder how many “porno” videos will instead be this exploit, leading to a kind of attack between phishing and remote exploitation: you create a page with, let's say, 5 videos that draw the interest of the visitor, and the 6th is the exploit. Well, I'll let you figure out what kind of video can draw attention.
I wonder if the iPhone suffers from this vulnerability? What is “fun” with this vulnerability is that iTunes acts as a trojan because it installs QuickTime by default… Additionally, many computers are affected due to this behavior. That is why I hate software that adds an extra service/plugin that you don’t want. It is a total security nightmare.

