Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home > News > Apple

August 4th, 2011, 06:57 GMT · By

New QuickTime Update Patches Over a Dozen Security Flaws on Mac and Windows

SHARE:

Adjust text size:


QuickTime application icon
Enlarge picture
Apple is addressing multiple security issues residing in their QuickTime media player for Mac and Windows via a new software update release that brings the software to version 7.7 on both platforms.

Affecting Mac OS X v10.5.8 Leopard (Client and Server), Windows 7, Windows Vista, and Windows XP SP2 or later, QuickTime 7.7 improves security and is recommended for all users, according to a technical document on Apple’s Support site.

With the exception of one flaw, all of the issues addressed in this update affect all platforms (of the ones mentioned above).

The first vulnerability listed by Apple in a Support article talking about the security content of QuickTime 7.7 is related to a buffer overflow that exists in QuickTime's handling of “pict” files.

“Viewing a maliciously crafted pict file may lead to an unexpected application termination or arbitrary code execution,” Apple explains. “sFor Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. This issue does not affect OS X Lion systems,” adds Apple.

The rest of the bugs are similar, in that QuickTime will become vulnerable if fed maliciously crafted file, or website.

As noted above, there’s one flaw that doesn’t apply to all platforms. Instead, it affects Windows PC users only, whether they have a Windows 7, Vista, or XP installation.

Because of a heap buffer overflow that exists in QuickTime's handling of GIF images, “viewing a maliciously crafted GIF image may lead to an unexpected application termination or arbitrary code execution,” according to Apple’s advisory.

The Cupertino technology giant outlines that “This issue does not affect Mac OS X systems.”

The flaw was discovered by an anonymous contributor working with Beyond Security's SecuriTeam Secure Disclosure program, Apple says.

To read about the entire set of security patches (over a dozen of them) delivered in QuickTime 7.7 for Mac and Windows, visit Apple here.

Download QuickTime for Mac OS X (Free)

Download QuickTime for Windows (Free)

TELL US WHAT YOU THINK:

1,102 hits · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:


Birds Indisputably Fly as Analyst Predicts Mac OS-iOS Merger
The iPad Will Always Beat Other Tablets, Says IHS iSuppli
Apple Launching 'iTunes Replay' for Re-Downloading Old Content Free of Charge - Report
Apple Fined $2,855 in South Korea over Location Tracking
Apple Taps Top-Brass Recruitment Firm to Seek Replacement for Ron Johnson

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2012 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use