QuickTime Vulnerability Patched

May 2, 2007 08:51 GMT

Apple has finally patched a critical vulnerability in its QuickTime player that can allow an attacker to compromise an affected system. The improved version, QuickTime 7.1.6, was recently released and is now available for download straight from the Apple website. The vulnerability was discovered last week and quickly became the subject of numerous advisories released by online security companies. According to the reports, the QuickTime flaw can be used by an attacker to obtain higher privileges and take control of an affected system. Apple received the reports and investigated the problems, releasing an improved version for Mac OS X 10.3.9 and 10.4.9 as well as Windows XP SP2 and Windows 2000 SP4.

"An implementation issue exists in QuickTime for Java, which may allow reading or writing out of the bounds of the allocated heap. By enticing a user to visit a web page containing a maliciously-crafted Java applet, an attacker can trigger the issue which may lead to arbitrary code execution. This update addresses the issue by performing additional bounds checking when creating QTPointerRef objects. Credit to Dino Dai Zovi working with TippingPoint and the Zero Day Initiative for reporting this issue," Apple tried to describe the security flaw.

However, computer security is increasingly threatened by the numerous vulnerabilities being discovered in all types of applications. For example, Winamp, the famous audio player, was also vulnerable to attacks, as security companies identified a flaw that might allow an attacker to control an affected system. With this new QuickTime vulnerability, our computers' security is affected even further, with the threat now extending to Mac computers as well.

If you want to download the latest version of QuickTime for Windows, you can get it from Softpedia using this link.