KEY POINTS:
A well-known flaw in QuickTime, which has been recognised since last year, is likely to cause trouble in the Web 2.0 world, according to Secure Computing.
The flaw was originally considered fairly benign, but a new exploit has been released and the security specialist has acted quickly to warn about it.
The first exploit has been freely distributed across the web since September 2006, and the flaw remains unpatched by Apple.
But new and potentially devastating proof-of-concept (POC) code has been released. The exploit code takes advantage of the QuickTime bug and allows hackers to remotely gain admin rights on users' computers.
It is as simple as tricking a user into clicking a link that makes a browser download and execute powerful malware, said Paul Henry, vice president of technology evangelism at Secure.
"In our Web 2.0 world where any user can now easily insert a URL into a social website or blog, it is highly likely that this exploit will gain in prominence," he said.
The risk of inadvertently downloading a rootkit and becoming part of a spam botnet, or a victim of identity theft, is hugely increased with the latest POC code.