Posted on 12/04/2006 12:34:18 PM PST by My Favorite Headache
QuickTime JavaScript worm spreads via MySpace
Monday, December 04, 2006 - 01:39 PM EST
Websense Security Labs has confirmed the existence of a worm spreading on the MySpace network. This worm is exploiting the Javascript support within Apple's embedded QuickTime player. This is used in conjunction with a MySpace vulnerability that was announced two weeks ago on the Full-Disclosure mailing list. The vulnerabilities are being used to replace the legitimate links on the user's MySpace profile with links to a phishing site.
Once a user's MySpace profile is infected (by viewing a malicious embedded QuickTime video), that profile is modified in two ways. The links in the user's page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the user's site. Any other users who visit this newly-infected profile may have their own profile infected as well.
An infected profile can be identified by the presence of an empty QuickTime video or modified links in the MySpace header section, or both.
More info and screenshot: http://www.websense.com/securitylabs/alerts/alert.php?AlertID=708
F-Secure Virus Information: Name: JS/Quickspace.A Type: Worm Category: Virus Platform: JS (JavaScript)
More info: http://www.f-secure.com/v-descs/js_quickspace_a.shtml
Isn't myspace pretty much a virus in it's own right?
Quick Time is full of adware and spyware as well.
Ping.
I doubt it.
Such as?
Horse puckey.
QT is a system component, made by Apple Computer.
People can hook up all sorts of stuff to it (such as this MySpace virus), but carrying manure in a bucket doesn't make the bucket bad.
My grandsons 2 graduated from college and 1 in college were here Thanksgiving..I had finally cleaned up this computer, a hand me down from one of them via my son... and had zero on my last scan from Adaware..I had 23 critical items after they left! LOL
There was nothing serious enough for AVG to catch... I had had a Trojan and it took weeks to figure out how to rid myself of it. Lesson learned..Never turn off the popup blocker and forget to turn it back on!
In a good way, yes. It's an amazingly powerful networking/marketing tool and a huge part of my business. Oh yea, and it's free. If that's a virus, gimme more, please!
BUMP!
This is a generic exploit that affects all multimedia players, Quacktime, RealPlayer, WinMediaPlayer. It's really a problem with any OS or program that allows injection of arbitrary code.
It's not the delivery medium, it's the programmer who doesn't screen input code for crap. It could and does happen to all OSes and programs (PHP and ActiveScript are both vulnerable), but Win seems to cause the most groans.
In my opinion all software that insists on being terminal resident when not in use is Crapware. That includes the newer printer software. None of this crapware should be running unless the program is in use. It never needed to be in the past and it should not be now. The newest software will not even allow you to turn its TSR status off. You have to force it by some other method.
I'm not going to argue the point, here is a good link for starters:
http://secunia.com/advisories/21893/
That's not surprising. The link you provided is not evidence that "Quick Time is full of adware and spyware". Evidently, you are misinformed about the difference between a vulnerability and actual malware.
Call it what you want. All I know is that every time QuickTime has been loaded for some two-bit video, it leaves spyware/advare that had to be cleaned up. Maybe the content left it. In any event, QuickTime isn't really that important to load, so it has been eliminated.
Well, no wonder. Your link contains absolutely nothing about adware, or spyware.
Maybe you should stop watching two-bit videos?
Seriously, it's not QuickTime that leaves the adware, it's the places you visit.
If a movie link indicates QuickTime, I now avoid it like the plague.
It sounds like an operating system issue. Despite the reports of obscure vulnerabilities, QuickTime is generally safe to use and it has the best-quality video technology available. Unfortunately, Windows users have been terrorized by malware for several years, and now many of them are afraid to do simple things like downloading a file, opening an e-mail or watching a video. Computer users shouldn't have to live in fear of the Internet, but that's the way it is for Microsoft customers. It's a lousy way to experience the network, in my opinion.
It describes how a 'carefully crafted H.264, FLC movie, FlashPix file or SGI image can trigger a buffer overflow which may lead to an application crash or arbitrary code execution with the privileges of the user.'
Not surprisingly, the error referenced affects both Mac and PCs, and a security patch is available.
In the grand scheme of things, I reckon this makes it something like (I'll be generous) 10 billion PC security holes to one on the Mac. Which no longer exists.
Bravo!
Yawn.
Now, about that Adware and Spyware?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.