We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,721 News Articles

Apple patches seven QuickTime bugs

Fixes coincide with Mac OS X & Windows updates

Apple patched seven bugs in QuickTime as it updated the media player to Version 7.3 for both Mac OS X and Windows yesterday.

All but one of the vulnerabilities would be ranked critical by other vendors, but Apple does not rate flaws or assign an urgency score to patches. Instead, it uses the phrasing 'arbitrary code execution' to note bugs that could be used by attackers to inject their own malicious software into an unpatched machine.

Two of the seven vulnerabilities are related to QuickTime's rendering of PICT images, one to how the player handles the QTVR (QuickTime Virtual Reality) file format, three to its movie file management, and one to how it works with Java applets.

The six flaws that involve image or video file formats can be exploited by attackers able to dupe users into opening malformed files, while the seventh - the one related to Java - could be used simply by getting a user to a website with a malicious applet. That vulnerability, however, can result in remote code execution only if the attacker has some, if only limited, access rights to the target Mac or PC, said Apple.

QuickTime can be updated using Mac OS X's built-in Software Update feature, while Windows XP and Vista users can either download QuickTime 8.3 from the Apple Web site or use the update tool packaged with earlier editions.


IDG UK Sites

Motorola Moto G2 release date, price and specs: Best budget smartphone gets upgrades

IDG UK Sites

How to join Apple's OS X Beta Seed Program: Get OS X Yosemite on your Mac before public release

IDG UK Sites

Why the BBC iPlayer outage was caused by a DDoS attack: Topsy and Tim isn't *that* popular

IDG UK Sites

How to make an 'Apple iWatch' using an iPod nano and a 3D printer