Petko D. Petkov of gnucitizen.org, a self proclaimed security think tank, has found a vulnerability in Apple’s QuickTime media player which could allow an attacker to take control of a users computer.
Petcov says [quote]An attacker could exploit the vulnerability by constructing a specially crafted QuickTime supported media file that allows remote code execution if a user visited a malicious Web site, opened a specially crafted attachment in e-mail or opened a maliciously crafted media file from the desktop.[/quote]

If a user is logged in as an administrator, the attacker would have full access to system files and could change, view, or delete sensitive data, install malicious code, and even create new accounts with full administrative privileges.

The only advice for users to protect themselves from this QuickTime vulnerability threat is to not surf the Internet or open local files when logged in as an administrator. The threat is lessened by being logged in to your system with lower level privileges.

This video shows how an attacker could take over a user’s computer. Applications are apparently being opened without user intervention.