Quick Time Exploit giving up passwords

Discussion in 'Mac Apps and Mac App Store' started by floatingspirit, Mar 22, 2007.

Most Liked Posts
  1. floatingspirit, Mar 22, 2007

    floatingspirit macrumors 6502

    Joined:
    Oct 13, 2001
    Location:
    Seattle, WA
    #1
    share
    + Quote Reply
  2. epochblue, Mar 22, 2007

    epochblue macrumors 68000

    epochblue

    Joined:
    Aug 12, 2005
    Location:
    Nashville, TN
    #2
    I only skimmed the article, but it looks like the exploit they're talking about was one of the "bugs" mentioned in the Month of Apple Bugs business.

    Also, according to the article, this "bug" was patched in the Security Update (2007-002) that went out on March 5. So, as long as you're up to date on your patches, you should be fine.

    Also, MySpace, for the most part, is a cesspool that should be avoided ;)
     
    share
    + Quote Reply
  3. killmoms, Mar 22, 2007

    killmoms macrumors 68040

    killmoms

    Joined:
    Jun 23, 2003
    Location:
    Washington, DC
    #3
    It's just another cross-site scripting attack, which really can never be eliminated in QuickTime unless they want to kill the possibly USEFUL functionality allowed by cross-site scripting. I was under the impression that MySpace just needed to disallow cross-site scripting on their site.
     
    share
    + Quote Reply
(You must log in or sign up to post here.)

Share This Page