Quick Time Exploit giving up passwords

Discussion in 'Mac Apps and Mac App Store' started by floatingspirit, Mar 22, 2007.

  1. floatingspirit macrumors 6502

    Oct 13, 2001
    Seattle, WA
  2. epochblue macrumors 68000


    Aug 12, 2005
    Nashville, TN
    I only skimmed the article, but it looks like the exploit they're talking about was one of the "bugs" mentioned in the Month of Apple Bugs business.

    Also, according to the article, this "bug" was patched in the Security Update (2007-002) that went out on March 5. So, as long as you're up to date on your patches, you should be fine.

    Also, MySpace, for the most part, is a cesspool that should be avoided ;)
  3. killmoms macrumors 68040


    Jun 23, 2003
    Washington, DC
    It's just another cross-site scripting attack, which really can never be eliminated in QuickTime unless they want to kill the possibly USEFUL functionality allowed by cross-site scripting. I was under the impression that MySpace just needed to disallow cross-site scripting on their site.

Share This Page