OzHub, the Macquarie Telecom-led cloud computing alliance, has come down firmly on the side of Optus over the copyright controversy surrounding Optus TV Now, warning that any moves to change the law "risk branding Australia a global luddite state."
read more
Stephen Withers
Thursday, 04 January 2007 10:16
The disclosure page does not indicate whether the Mac OS X version of QuickTime is affected as well as the one for Windows, and the proof of concept appears to rely on other Windows vulnerabilities. Furthermore, the exploit is described as a "cross-zone scripting attack," which is a Windows concept.
That shouldn't be taken as a claim that the QuickTime for Mac is 'safe' in this respect, but since the motivation for MoAB is said to be that "We like to play with OS X," we would have expected a Mac-based proof of concept.
Given that the QuickTime's ability to execute JavaScript contained within a movie's HREFTrack is an explicit feature (eg, to open a browser window with particular dimensions at a certain point in the movie), it isn't obvious how this issue could be best addressed within QuickTime.
Loading comments ...
 |
Microsoft Office 365Try an easy-to-use set of web-enabled tools for business-class productivity services. Office 365 provides anywhere-access to email, important documents, contacts, and calendars on almost any device.  |
LATEST HEADLINES FROM YOUR IT
