QuickTime for Windows Secured

Thursday, May 17, 2012 @ 11:05 AM gHale


Version 7.7.2 of QuickTime for Windows addresses 17 security vulnerabilities in the media player.

The vulnerabilities include integer, stack and buffer overflows, as well as memory corruption issues, all of which an attacker could exploit to crash the application or execute arbitrary code on a victim’s system, Apple said.

RELATED STORIES
Leopard OS Flashback Patch
Apple Shuts More OS X, Safari Flaws
Apple Programming Error
iPhone Security Holes Patched

For an attack to be successful, a user must first open a malicious web site or a specially crafted file.

The company said it filled quite a few of the holes in Mac OS X 10.7.3 and 10.7.4 Lion, and Security Updates 2012-001 and 2012-002 for Mac OS X 10.6.8 Snow Leopard systems. Members of TippingPoint’s Zero Day Initiative (ZDI) found most of these vulnerabilities.

Further information about the QuickTime update is in Apple’s security advisory. QuickTime 7.7.2 for Windows is available for Windows 7, Vista and XP SP2 or later from Apple’s Support Downloads site.

Alternatively, those who have the Software Update for Windows tool installed can update by selecting “Apple Software Update” from the Start menu.



Leave a Reply

You must be logged in to post a comment.