QuickTime ‘evil pink box’ flaw hits Second Life… again?

Yes – that flaw. The problem is this: I thought Apple Computer plugged that flaw within a week of its discovery. Unfortunately, stories like this become confusing and alarmist. The story doesn’t specify whether this is a new exploit… or the same old one running on an older version of QuickTime and an older SL Viewer – because all current viewers require the updated, patched QuickTime.Confused, yet?Yawn.Excerpt from the story: 

QuickTime ‘evil pink box’ flaw hits Second LifeIn the demo, the researchers were able to show that their avatar became infected when it came too near the pink box. The code they used raided the avatar’s Linden dollars and emptied the bank account. On the Internet, an attacker can get one dollar for every 275 Linden dollars stolen, so there is a financial incentive to these attacks and other future attacks.


About this entry