Month of Apple Bugs kicks off with QuickTime flaw

The Month of Apple Bugs project kicked off with a security flaw in QuickTime that affects both Mac and Windows versions of the software.

The researchers behind the project are publishing 31 flaws on consecutive days during January, apparently just to show they can find them in the usually stable Mac OS.

The first vulnerability posted affects how QuickTime handles the Real Time Streaming Protocol (RTSP), and could, if exploited, result in a buffer overflow and compromise a system.

Disabling support for RTSP is one way of protecting computers before a patch is released. Secunia has rated the flaw as “highly critical”.

The “initiative”, as LMH and Kevin Finisterre, the men behind Month of Apple Bugs, write on the website, is aimed at finding security flaws in Apple software in order to “improve Mac OS X”.

“A positive side-effect, probably, will be a more concerned (security-wise) user-base and better practices from the management side of Apple”, they write.

Helpfully for hackers and security researchers, they publish detailed code and information on each flaw on their website.

The two previously ran a “Month of Kernel Bugs” and a “Month of Browser Bugs”.