I promise I won’t make a regular habit of posting articles like these, but I felt like this is serious enough to break away from our regular programming.
You probably saw the alert the Lindens put up about the QuickTime security flaw if you’ve logged into Second Life recently, but on Fashion Emergency and some other groups I’m in I’ve been seeing questions about what this issue means to the average Second Life user.
The answer? Be careful! It may be possible to use this flaw — for example — to steal Lindens from your avatar’s account in Second Life!
Protect yourself by going into Edit->Preferences, choosing the “Audio/Visual” tab on the left, and unchecking the “Play Streaming Video” box there. Hopefully Apple will release a patch for this problem soon — but until then, it’s not safe to wander the grid with the video setting enabled.
Incidentally, it’s worthwhile noting that this same flaw impacts Internet Explorer, Firefox, and iTunes as well — so be careful browsing the internet. An attacker won’t be able to steal your Lindens by exploiting this flaw via a web browser, but they can do things like install adware and spyware on your computer (which is a major pain to remove and clean up.)
You can read all the gory technical details at the US CERT website.
Celebrity – TY for posting this to warn others. It can steal from you even if you never play a video – as my SL boyfriend found out the hard way early yesterday. His Linden $ balance was wiped clean.
Celeb… you’re tagged… details on my personal: http://graziahorwitz.blogspot.com/2007/12/dang-got-tagged.html
Thanks for the clear explanation on how ot protect yourself re: Quicktime flaw, that was so easy to do. I didn’t go read about the update when it was posted because I just can’t stand trying to figure out techincal speak but you explained it so clearly. Thanks so much