Apple’s latest security update for Mac OS X includes a series of patches to Quicktime designed to stop the movie playback software from being exploited to launch a malicious attack. How do you turn a non-executable movie into dangerous executable code?
Sophos security guru Paul Ducklin explains how the structure of MOV files makes them potentially vulnerable to stack overflow errors, and why this matters. It’s a detailed and interesting read, and worth checking out if you’re not familiar with how this kind of exploit works.
For programmers, there’s also a timeless reminder: “Remember that you can never have too much error-checking.” Hit the link for the full post.
Anatomy of a buffer overflow – learning from Apple’s latest security update [Naked Security]
Comments
3 responses to “How Movie Files Can Become The Source Of Malware Attacks”
Correct me if I’m wrong, but haven’t they been able to hide code/messages in all kinds of media? I’m thinking of the method used to hide text in photos etc. in general here. Or am I barking up the wrong tree… 🙂
They have indeed been able to hide code/messages in all kinds of media but this is talking about something else altogether.
This refers to exploits to change non-executable code (so lets say, a file you read using a program) to executable code (something more akin to a program that is running) and how they can be hidden inside non-executable files.
Ahh… Ok…. I think… 🙂