Apple bolsters QuickTime defenses

Apple bolsters QuickTime defenses

Summary: Apple is adding several anti-hacking features to QuickTime in an effort to build up the media player's defenses.Ryan Naraine reports that exploit prevention mechanisms have been added to QuickTime in its latest batch of patches.

SHARE:
TOPICS: Hardware, Apple, Mobility
5

Apple is adding several anti-hacking features to QuickTime in an effort to build up the media player's defenses.

Ryan Naraine reports that exploit prevention mechanisms have been added to QuickTime in its latest batch of patches.

Ryan notes:

According to a source familiar with Apple's moves, QuickTime for Windows Vista now features ASLR (address space layout randomization), a security technology that randomly arranges the positions of key data areas to prevent malware authors from predicting target addresses.

ASLR, which has been used by Apple to add code scrambling diversity to Mac OS X Leopard, is used in tandem with additional security features to reduce the effectiveness of exploit attempts.

Apple has also hardened QuickTime with stack buffer safety checking and function call hardening.

The moves are important as QuickTime has been a big target for hackers. Nice to see Apple is on the case.

Topics: Hardware, Apple, Mobility

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

5 comments
Log in or register to join the discussion
  • The PWN to OWN contest was a HUGE black eye for Apple

    However, if Apple truly changes its cavalier attitude towards security because of it then we all win. My question is why it took so long to add ALSR to the Windows version when the OS X version had it a long time ago? Apple has typically operated this way: fix problems on the OS X version of their software while opening security holes in their Windows versions in order to later say [i]See, Windows isn't secure at all!![/i] It is pretty despicable and Apple needs to be called on it.
    NonZealot
  • nice to see apple is on the case' yea right

    nice to see apple is on the case' yea right.
    these holes have been around for awhile.
    no apple software for windows will ever be installed on any of my personal computers or at work.
    SO.CAL Guy
  • Ah, today's defense feature . . .

    tomorrow's attack vector?
    Boot_Agnostic
  • thank you to apple

    for putting in the kind of defense that Microsoft hopes will save them.

    Sauce for goose, I think.

    Narr Vi
    Narr vi
  • Really?

    I'm not sure if Apple would do malicious things to
    Windows, but I've been using the new iTunes for Windows
    and it's gone out of control. It's way too demanding on the
    processor now, and if you don't have enough free RAM, it
    crashes itself.

    Part of the problem with Apple's software running on
    Windows machines is that Windows is so horribly
    ineffecient. Windows bogs a system down so much, as
    iTunes becomes more complex, Windows seems to be
    having trouble keeping everything running.
    devin6687