Menu
Apple patches seven QuickTime bugs

Apple patches seven QuickTime bugs

Apple Inc. patched seven bugs in QuickTime Monday as it updated the media player to Version 7.3 for both Mac OS X and Windows.

All but one of the vulnerabilities would be ranked critical by other vendors, but Apple does not rate flaws or assign an urgency score to patches. Instead, it uses the phrasing "arbitrary code execution" to note bugs that could be used by attackers to inject their own malicious software into an unpatched machine.

Two of the seven vulnerabilities are related to QuickTime's rendering of PICT images, one to how the player handles the QTVR (QuickTime Virtual Reality) file format, three to its movie file management, and one to how it works with Java applets.

The six flaws that involve image or video file formats can be exploited by attackers able to dupe users into opening malformed files, while the seventh -- the one related to Java -- could be leveraged simply by getting a user to a Web site with a malicious applet. That vulnerability, however, can result in remote code execution only if the attacker has some, if only limited, access rights to the target Mac or PC, said Apple.

QuickTime can be updated using Mac OS X's built-in Software Update feature, while Windows XP and Vista users can either download QuickTime 8.3 from the Apple Web site or use the update tool packaged with earlier editions.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Events

Featured

Slideshows

Channel kicks 2021 into gear as After Hours returns to Auckland

Channel kicks 2021 into gear as After Hours returns to Auckland

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Pantry at Park Hyatt in Auckland to kick-start 2021.

Channel kicks 2021 into gear as After Hours returns to Auckland
The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Show Comments