10 Replies Latest reply: Nov 27, 2005 6:25 PM by Pres Nevins
Astron Bryant Level 1 Level 1 (5 points)
Sorry if this has allready been brought up but I spent an hour searched the forums for an answer (And longer on google).

My issue is that certain unsavory people seem to be exploiting an ability of quicktime to launch the default web browser and goto a page they designate. This unfortunately mean often I will download a movie (Named something it isn't typicly), run it and suddenly have 10 internet explorer windows pop up opening assorted **** sites, sites demanding spyware and malware installations and on at least one occasion site containing scripts to automaticly install a virus on loading.

I'd like to how I can prevent this from happening short fo outright not using quicktime. Is there an option to disable a movies ability to link to web pages or a feature to block their attemtps to do so?

Thanks.
  • Kyriakos Papadakis Level 4 Level 4 (1,355 points)
    I don't think QT has anything to do with it.You most probably have a virus and need Anti-Virus software.Run Microsoft Update, to name the least, and scan for viruses.Also, in case it's some minor malware, look at your Settings > Programmes for anything blatantly unidentified, clean your Temporary Internet files and clean IE content manually.
  • Jacumba Level 4 Level 4 (2,340 points)
    You've been Hijacked, you really need to have a spyware program.
    http://www.spywareinfo.com/articles/hijacked/
    I use a paid version of Webroot's Spysweeper, but Microsoft is offering one for free. Listed under Popular Downloads.
    http://www.microsoft.com/
  • Astron Bryant Level 1 Level 1 (5 points)
    No. I don't have any viruses or spyware and I havn't been hijacked either. Look a little background on me, I work in tech support dealing with such issues for a living. Regardless I've had this happen on brand new computers I've set up and for the sake of been thorough in eliminating that idea as a possibility I followed every step and recommendation your links gave me and they turned up nothing.

    The problem is a function of certain .mov files which basically activate an imbeded hyperlink within the file, opening the default browser and loading whatever site the link lead to. If I could find a tame one that didn't send you to pornographic sites etc. I'd be happy to host it for you to test out yourself but frankly the only .mov files I've seen that do it are usually **** films themselves named something else (For instance one was named SydneyOlympics2004Opening) with the intention of luring unsuspecting victims into downloading them and running them in quicktime forcing them to load all these malicious pages. It's fine for me on my home network where the security settings are setup so hazardous sites can't actually do anything and the addition of pornographic images to my temporary internet folder has no concequences but at work that could get you fired and heavily fined in goverment employment.

    On a side note how another program could respond to a .mov file playing in quicktime opening web pages specific to that file and at set points in the movies timeline is beyond me. It would have to be a plugin for quicktime.
  • Kyriakos Papadakis Level 4 Level 4 (1,355 points)
    Look at the QT Help files, maybe you have a "Reference movie" or something like that.You'll have to navigate through the site though,I don't have a link, something like having launched MakeRefMovie shown in:
    http://developer.apple.com/quicktime/quicktimeintro/tools/.

    Moreover, if your edition is 6.5.2, there was an update a fortnight ago with security and bug fixes, that can be found here:
    http://www.apple.com/downloads/macosx/apple/

    Otherwise, you can uninstall and install, not forgeting to delete the ActiveX element and the System32 container-if it's safe.Sorry if I can't be of further assistance.Now I use QT mainly on the Mac, but I think the answer is somewhere in here.
    Best wishes!
  • Kyriakos Papadakis Level 4 Level 4 (1,355 points)
    With a little further thinking I could add a couple of things.
    a) If you run on WinXP SP2 you can block all pop-up windows by going to your IE tools and choose from the outcoming pane.
    b) Run a search in your PC for Quick Time movies and trash everything with an abnormal title like the one mentioned, after looking on the path. (There are many QT's in tutorials etc.It will be a long list).
  • jj rocks Level 1 Level 1 (10 points)
    same thing here; I came onto this forum after spending considerable time trying without success to find a solution to this serious bug in quicktime;
    I downloaded the newest ver of QT on a fresh computer, ran what I thought was a cartoon .mov and got over 100 **** sites, download requests, etc. most of which were unclosable with alt-f4;
    I hope someone at apple can show us the solution to this, or plug this major security hole; since, until it is, I will not run any quicktime .mov file
  • Kyriakos Papadakis Level 4 Level 4 (1,355 points)
    I think the same would happen if the cartoon was .mpeg or .avi a.s.o. The icon in the site you visited is malignant.It's author just chose to put QT there, it's not a software problem.Can't you block pop-up windows?
  • QuickTimeKirk Level 9 Level 9 (51,125 points)
    QuickTime authors have the ability to include URL's "inside" a .mov file.
    Since it's a feature (that some have exploited) it is now being used by the "unsavory".
    It's not a virus. It's not a security "hole". And it's easy to edit these URL's out of the file.
    The Movie Properties window (the "Pro" upgrade) can de used to delete the HREFTrack from the file. Saving the file will eliminate the URL.
    On a Mac there are AppleScripts that can "expose" the URL (prior to playback) or edit the URL.
    Downloading QuickTime files from reputable Sites shouldn't be a problem.
    If you find these "linked" movies you could complain the the Web author. They may not know their movies have been "hijacked".
  • jj rocks Level 1 Level 1 (10 points)
    I find it very disconcerting that I would have to pay for the opportunity to be able to strip out an unwanted thing (the href refs); usually pro products add features: and I understand the requirement to pay for the ability to create .mov files; I dont support paying so that I dont get my pc trashed.

    I guess I could easily grep or list the file for such href's too, but why should I? many viewers available for free (including for .avi, .mpg, .mpeg, etc.,) provide option settings to prevent url referencing.

    Since it is clear that the exploit exists, it seems reasonable to me to think that apple would add such an option to their free player; until such time as they do, I, for one, will not watch a .mov; but, hey, I am only person;

    it's a great product, but I will wait to use it
  • Pres Nevins Level 2 Level 2 (325 points)
    Being able to manually delete a track from an offending movie is nice, but nicer would be the fairly obvious option of having a global preference item in QT Player saying "Allow movies to automatically link to web pages" that I can disable.

    By the time I know a given movie uses this exploit, Safari has already launched and gone somewhere, and it's up to me to go after it and weed out the batch of cookies it just created.

    (BTW, what's that URL for Apple feedback? I can never find it on the Apple site when I want it... I really should make a bookmark)

    Dual 2.7GHz G5 - woohoo!   Mac OS X (10.4.3)   (...and fond memories of an Apple ][+)