Apple fixes security issues with QuickTime 7.5
Apple released QuickTime 7.5 late on Monday, fixing a handful of security issues, including holes that would have allowed someone to run malicious code on a computer and remotely control it.
One of the issues, which would have allowed a maliciously crafted PICT image file to run code, affected computers running Windows Vista and XP SP2.
Four other issues affected Vista and XP SP2, as well as Mac OS X 10.3.9, Mac OS X 10.4.9 through 10.4.11, and Mac OS X 10.5 or later. QuickTime 7.5 fixes a memory corruption issue in the software's handling of AAC-encoded media content; a heap buffer overflow related to PICT images; a stack buffer overflow related to the handling of Indeo video codec content; and a URL issue that was addressed by revealing files in Finder or Windows Explorer rather than launching them.
More information can be found on the Apple Web site.
Credit for reporting the different security issues was given to Dyon Balding of Secunia Research; Dave Soldera of NGS Software and Jens Alfke; Liam O Murchu of Symantec; an anonymous researcher working with TippingPoint's Zero Day Initiative; and Vinoo Thomas and Rahul Mohandas of McAfee Avert Labs, along with Petko D. Petkov of Gnucitizen working with TippingPoint's Zero Day Initiative.
Two months ago, Apple released QuickTime 7.4.5, which addressed a number of "highly critical" security flaws in the media player.
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor. 
There are better media players and codecs on both macs and pcs.
- by tomka-du September 9, 2008 12:42 PM PDT
- My favorite megaupload search engine is megauploadfiles.com it?s the most powerful an easy to use. megauploadfiles.com has incredible speed of searching rapidshare links in the internet.
- Like this Reply to this comment
-
(4 Comments)