Apple Fixes QuickTime Flaws

Monday, October 31, 2011 @ 07:10 PM gHale


Apple is advising Windows users to update their systems following the release of a patch for the QuickTime media player tool.

QuickTime 7.7.1 addresses 12 vulnerabilities in the Windows version of the platform, but does not affect Mac OS X users, the company said in a security advisory.

RELATED STORIES
Mac OS X Trojan Running
Mac Malware Disables Protection
ICS Threat Brewing; Target Unclear
Old Becomes New: DLL Loading is Back

Ten of the flaws could fall victim of a maliciously crafted PICT or FlashPix movie file to cause an application crash and allow remote code execution.

The update also fixes a cross-site scripting flaw that could allow an attacker to insert code into an HTML file, and a vulnerability which could allow an attacker to view a user’s memory contents by way of malformed movie file.

Apple urged Windows users to install the 7.7.1 update, which they can get through the Apple Software Update utility or they can manually download it from the Apple support site. The update supports Windows versions from XP to Windows 7.

The update is the latest in a busy month for security patches. Cisco posted an update for the Security Agent tool earlier this week, while Microsoft released its monthly patch to address flaws in Internet Explorer and Silverlight, and Oracle delivered an update addressing 56 vulnerabilities.



Leave a Reply

You must be logged in to post a comment.