Apple has released its latest Security Update for OS X. Dubbed simply 2013-003, the update fixes a trifecta of memory corruption bugs in QuickTime caused by buffer overflows.Technically, one of the bugs is listed as a buffer underflow, which is just a buffer overflow the other way round. An overflow writes past the end of your own memory buffer, trampling on the next block of memory, which may well be in use for something else; an underflow writes in front of your memory, with a similarly risky outcome.
 |
| Apple`s latest security update |
In other words, a deliberately-tweaked movie file could trick your Mac into running program code hidden in the movie itself, even though such files are supposed to consist entirely of data.
Apple`s latest security update | Naked Security
No comments:
Post a Comment