Wednesday, January 03, 2007

QuickTime zero-day bug threatens Macs, PCs

A newly disclosed security vulnerability in Apple Computer's QuickTime software could put both Macs and Windows PCs at risk of cyberattacks, experts have warned.

The publication on Monday of the vulnerability and detailed attack code kicks off the "Month of the Apple Bugs" project, which promises to feature a new Apple software bug each day in January.

The QuickTime vulnerability relates to how the media player software handles the Real Time Streaming Protocol, or RTSP, according to an advisory published on the Month of the Apple Bugs Web site. An attacker could create a special RTSP string in a rigged QuickTime file that would cause a buffer overflow, according to the advisory.

"The risk is having your system compromised by a remote attacker, who can perform any operation under privileges of your user account," said LMH, the alias of one of the two security researchers behind the Month of the Apple Bugs. "It can be triggered via JavaScript, Flash, common links, QTL files and any other method that starts QuickTime."


Ailing music biz set to relax digital restrictions

The anti-digital rights management bandwagon is getting more crowded by the day. Even some major-label executives are pushing for the right to sell digital downloads as unprotected MP3s.

In 2007, the majors will get the message, and the digital rights management (DRM) wall will begin to crumble. Why? Because they'll no longer be able to point to a growing digital marketplace as justification that DRM works. Revenue from digital downloads and mobile content is expected to be flat or, in some cases, decline next year. If the digital market does in fact stall, alternatives to DRM will look much more attractive.

Revenue from digital music has yet to offset losses from still-declining CD sales, and digital track sales remain a cause for concern. Month-over-month download figures were largely flat through 2006, even in the face of year-over-year gains. If the expected post-holiday spike in download numbers that has occurred in the past two years is weak, look for the glass on the panic button to break.
