Internet Multimedia Safety
An enormous variety of audio/music and video files are freely available from Web
sites throughout the Internet. Some Web sites are designed to automatically play
music or video once you arrive at the site. You might also access music or video
by clicking a link on a Web page or an attachment to an e-mail. Your computer
will automatically open a music or video file if it has an appropriate application
(player) installed on it. Windows Media Player is the default application/player
for audio and video on computers running Microsoft's Windows (most of you).
The fact that your computer will automatically open audio or video files can be
used against you. A malicious individual can craft/modify a sound or video file
in such a way that it can be used to cause the player to process/work incorrectly.
The condition created within the player allows the malicious individual to bypass
the security of your computer. This modified sound or video file could be purposely
planted on a Web site or sent to you as an attachment to an e-mail. It is possible
to use this approach to gain remote access to and complete control of your computer.
Apple's popular "QuickTime" has been the target of attacks similar to what I just described.
Both
QuickTime and Windows
Media Player have been found to have numerous security vulnerabilities. These
vulnerabilities have been exploited by malicious individuals to bypass the security
of the computer the media player was installed on.
As I mentioned earlier in this tutorial there is often a tradeoff between security
and functionality. You can increase your security while using Internet Explorer
by disabling the ability to automatically view video or listen to sound on the
Internet.
|
