September 12, 2006 4:56 PM PDT

Apple patches QuickTime for Macs, Windows

Apple Computer on Tuesday released an update to its QuickTime media player software that fixes seven security flaws, all of them serious.

The QuickTime vulnerabilities affect both Windows and Apple Mac OS X machines. Apple's update comes on the same day the company announced new digital music and video plans. Also, Microsoft on Tuesday released fixes for Office and Windows flaws.

The security flaws in QuickTime are all due to the application's failure to properly check and sanitize files in several formats: H.264, QuickTime, FLC, FlashPix and SGI. An attacker could craft a malicious file in any of those formats which, when opened, would fully compromise a vulnerable system or cause QuickTime to crash.

"A successful exploit may result in a remote compromise of the underlying computer," Symantec said in an alert sent to users of its DeepSight security intelligence service.

There are no known exploits for the flaws, Symantec said. This limits the threat. Apple regularly provides security updates for QuickTime, and often the flaws are in the handling of various file formats. Experts have said that cyberattackers are increasingly looking for flaws in applications.

Apple repaired the flaws in version 7.1.3 of QuickTime, which is available via the company's Software Update service and from the QuickTime Web site.

See more CNET content tagged:
Apple QuickTime, security flaw, flaw, Apple Computer, Symantec Corp.

3 comments

Join the conversation!
Add your comment
glad to see Apple fixing this quickly
Seeing as this affected Windows or OSX boxes.
Posted by techguy83 (295 comments )
Reply Link Flag
Response and Responsibility
I'm just glad they are acknowledging it instead of the way most security updates are handled by companies today- after the fact.

No product is perfect.
Posted by Vegaman_Dan (6683 comments )
Link Flag
When was this issue reported?
The article makes no mention of when Apple was made aware of this issue. The time between then and now will tell you how quickly Apple fixed the issue. Both Apple and Microsoft typically take between a few days to a few months to fix any particular issue (more severe issues tend to be fixed faster).
Posted by Seaspray0 (9714 comments )
Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.