DeepTime is taking advantage

A report by Websense, a security firm on December 4, said a flaw in QuickTime's JavaScript handling combined with the vulnerability in MySpace has inadvertently helped spread a new worm.

DeepTime is taking advantage Picture 1 This worm will change the link in the infected "profiles", then link to phishing websites. In addition, the worm also infects user profiles to attack other computers using MySpace services. Just by watching videos on other users' profiles in MySpace can also cause the computer to become infected with this worm.

" Infected profiles often have empty QuickTime video content or modified links in MySpace headers, or both ," Websense said.

Currently, News Corp., the parent company of MySpace, has yet to comment on the issue. Known as the "inter-domain script hole", the security flaw is one of the most common vulnerabilities that occur with websites. Although errors in QuickTime feature are not really a flaw, it is still exploited to spread new worms.