jump to navigation

Apple patches QuickTime September 19, 2006

Posted by grhomeboy in Apple.

Apple Computer on Tuesday released an update to its QuickTime media player software that fixes seven security flaws, all of them serious, ZDNet reports.

The security flaws in QuickTime are all due to the application’s failure to properly check and sanitize files in several formats: H.264, QuickTime, FLC, FlashPix and SGI. An attacker could craft a malicious file in any of those formats which, when opened, would fully compromise a vulnerable system or cause QuickTime to crash.

There are no known exploits for the flaws. Apple regularly provides security updates for QuickTime, and often the flaws are in the handling of various file formats. Experts have said that cyberattackers are increasingly looking for flaws in applications.

Apple repaired the flaws in version 7.1.3 of QuickTime, which is available via the company’s Software Update service and from the QuickTime Web site.

%d bloggers like this: