Cisco Blogs

Cisco Blog > Threat Research

Vulnerability Spotlight: Apple Quicktime Corrupt stbl Atom Remote Code Execution

This post was authored by Rich Johnson, William Largent, and Ryan Pentney. Earl Carter contributed to this post.

Cisco Talos, in conjunction with Apple’s security advisory issued on June 30th,  is disclosing the discovery of a remote code execution vulnerability within Apple Quicktime. This vulnerability was initially discovered by the Talos Vulnerability Research & Development Team and reported in accordance with responsible disclosure policies to Apple.

There is a remote code execution vulnerability in Apple Quicktime (TALOS-2015-0018/CVE-2015-3667). An attacker who can control the data inside an stbl atom in a .MOV file can cause an undersized allocation which can lead to an out-of-bounds read. An attacker can use this to create a use-after-free scenario that could lead to remote code execution.

There is a function within QuickTime (QuickTimeMPEG4!0x147f0) which is responsible for processing the data in an hdlr atom. There is a 16-byte memory region, allocated near the beginning of the function, if the hdlr subtype field in an mdia atom is set to ‘vide’, this reference is passed to a set of two functions.


Read More »

Tags: , , , , , , ,

Welcome to the Network: Wi-Fi Wearables

It’s no surprise that wearable devices are increasingly Wi-Fi enabled.

wifi wearables

With Apple’s recent announcement of Wi-Fi support for Apple Watch and rumors that Google will bring Wi-Fi capabilities to Android Wear, wireless connectivity will continue to drive changes in the way we work and play. As more employees opt to use wearable devices in their personal and professional lives, the traditional boundaries of the workspace will become more fluid. Read More »

Tags: , , , , , ,

“Brick by Brick”

Undoubtedly you heard the news last week of Apple CEO Tim Cook’s open letter in which he publicly acknowledges his sexuality and expresses deep pride in being gay.  While the headline alone is remarkable – the real treasure can be mined from exploring the letter in its entirety and inquiring how we as individuals and as an enterprise can manifest the true intention of this extraordinary message.

Tim Cook’s announcement was an act of service and contribution.  In sharing a personal truth, he illuminates a universal one – our greatest challenges often bear the greatest gifts.  For Tim, being gay has given him a deeper understanding of those in the minority, greater empathy, the confidence to be himself, to follow his own path, and to rise above adversity and bigotry.  And as a result –  a richer life.

His message reminds us all that not everyone has “the good fortune to work at a company that loves creativity and innovation and knows it can only flourish when you embrace people’s differences.” In doing what he feels is his part to help others, he inspires us to re-evaluate ours.

Like Apple, Cisco has a long held commitment to embracing people’s differences and welcoming a full spectrum of different backgrounds, experiences, cultures, affiliations, work styles, and points-of-view.

Read More »

Tags: , , ,

Cloudburst: iOS 8 Generates 50% Increase in Network Traffic

Many network engineers recall the iOS7 update on September 18, 2013 as one of the most historic download days of their network’s history. All the more reason for us in the wireless world who anxiously anticipated the September 17 release of iOS8.

We asked a few of our customers to monitor the effect of the software release on their networks and the results for the first two days are in. Those in the education and healthcare space in particular are filled with early adopters of WiFi technology and devices, and eager to get their hands on the latest updates.

Joe Rogers, Associate Network Director at the University of South Florida shared this picture with us from 1pm September 17th, showing 1 Gbps more traffic than he would normally see at this time of day:


Another customer, Greg Sawyer, Manager of Infrastructure Services, shared this picture of the iOS8 effect on his network at the UNSW Australia.


He noted that his experience handling the release this year felt smoother than last year, despite the new peak internet download of 4.65 Gbps and 21Tb downloaded for the day! Not too surprising when considering that there were 27,000 concurrent connections on the wireless network and approximately 60% of those being Apple devices.

How should organizations be considering and handling these network spikes? I sat down with Cisco technical leaders Matt MacPherson and Chris Spain (@Spain_Chris) to get some insight on the effect of big updates like iOS8 on the wireless network. Here are some of the highlights of what we discussed:

The World We Live In

The truth is, more and more services are being moved to the cloud—a cloud that will push updates to millions & in the future billions of users and devices on our networks. Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Indoor Wi-Fi Location and Beacons: Better Together Part 2

wifibeaconLocation-based services have been getting a lot of attention lately and people are increasingly curious about how Wi-Fi and beacons play together in the hot space that is indoor location technology. In my last blog I reviewed how beacons work and how to differentiate when to use Wi-Fi and beacons. There’ve been some great questions about beacon technology and how it complements Cisco’s location-based Connected Mobile Experiences (CMX) solution, so I want to follow up on these topics with everyone.

What types of beacons are there?

Generally, there are two different classes of beacons: transmit only and backhaul enabled.

Transmit only beacons are exactly as they sound – they simply transmit information to anyone that is capable of hearing (bluetooth enabled smartphones). They do not receive or pass any data or information upstream.

Apple’s iBeacon is the best example of this type of BLE beacon. You can think of them like the navigational beacons used by airplanes when on approach to major airports. The beacon doesn’t even know the plane is there, but the plane is aware of the beacon and knows where the beacon is allowing it to take the correct action. Same is true for smartphones and transmit only beacons like iBeacon – the intelligence is located in the mobile application which must recognize the beacon and take appropriate action.

Backhaul enabled beacons generally include a Wi-Fi chipset for either management or data capabilities. Some backhaul enabled beacons are USB enabled and take advantage of whatever connectivity exists within the PC they are connected. Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,