Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Discover a critical zero-click remote code execution vulnerability in Apple Compressor through this 29-minute conference talk from Objective-By-The-Sea v8.0. Learn how security researcher Zhi Zhou uncovered a dangerous attack surface that puts content creators and film producers at risk of unauthenticated remote exploitation from local area networks. Explore the reverse engineering process for Objective-C++ binaries, network protocol analysis techniques, and the methodology for chaining primitives together to achieve full remote code execution. Understand why Compressor remains vulnerable while related Apple Pro Apps like Final Cut Pro and Motion, despite sharing the same problematic code, are not affected. Follow the researcher's journey through the responsible disclosure process, including how Apple's App Sandbox implementation initially blocked the exploit and the subsequent bypass techniques developed using improved primitives. Gain insights into advanced vulnerability research methodologies and the security implications for professional video production workflows.
