First Month of Apple Bugs Vulnerability Published

An anonymous computer security researcher known by the online name LMH, who promised to organize the so-called “Month of Apple Bugs”, has published information about the first vulnerability – this time in Apple QuickTime software.

A vulnerability in the rstp: // link handler allows a hacker to trigger a buffer overflow error using a special string and remotely run arbitrary code. LMH provided an example of a code that exploits the vulnerability found.

LMH notes that at the moment the only possible remedies for the vulnerability found are to disable the processing of links like rstp: // or to completely uninstall Apple QuickTime software.

More information about the vulnerability found and a sample of the code that uses it can be found on this page.


Leave a Reply

Your email address will not be published. Required fields are marked *