July 11, 2007

Apple fixes serious QuickTime flaws

The QuickTime 7.2 update adds new features to the media player and addresses eight critical security flaws

Apple has patched a number of critical flaws in its QuickTime media player.

With the 7.2 update, users can now view videos in full-screen mode with the QuickTime player, but the release also contains a number of critical security fixes. In total, Apple has addressed eight security vulnerabilities with the release, which was made public on Wednesday.

Four of the flaws are due to memory corruption or integer overflow bugs that could cause the viewer to crash if QuickTime were used to view maliciously crafted movies or files. Another three critical flaws relate to design issues in QuickTime for Java. Attackers could theoretically exploit these flaws by posting malicious Java applets on a Web site, where the applets could then compromise a victim's computer.

A final QuickTime for Java bug could "lead to the disclosure of sensitive information," Apple said in its security alert on the update.

Also on Wednesday, Apple pushed out a new release of its iTunes music software that fixes "a minor problem with iTunes 7.3 accessing the iTunes Library," the company said.

The QuickTime and iTunes updates are available for download by both Windows and Mac OS X users.

©1994-2009 Infoworld, Inc.