Apple plugs QuickTime hole

By Joris Evers
Staff Writer, CNET News

Related Stories: MySpace to Apple: Fix that worm
December 5, 2006; Worm uses QuickTime to spread on MySpace
December 4, 2006; Apple patches QuickTime for Macs, Windows
September 12, 2006

Apple Computer on Tuesday released a fix for a QuickTime flaw that could expose information stored on a Mac to outside attackers. The problem lies in QuickTime for Java and affects Mac OS X 10.4.8 both on the server and client, but does not affect the Windows version of QuickTime, the company said in an alert. An update is available from Apple's Web site.

An attacker could use Java applets with QuickTime for Java to obtain images rendered on-screen by embedded QuickTime objects and then upload them to the originating Web site. When this method is used in conjunction with Apple's Quartz Composer, it becomes possible to capture images that may contain local information, Apple said.

See more CNET content tagged:
Apple QuickTime, attacker, Apple Computer, Java, Apple Macintosh

Join the conversation

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

Join the conversation

Report offensive content:

E-mail this comment to a friend.

Warning! You will be deleting this comment and all its replies (if applicable).

Apple plugs QuickTime hole

MySpace to Apple: Fix that worm

Worm uses QuickTime to spread on MySpace

Apple patches QuickTime for Macs, Windows

Discussions

Shared

RSS Feeds

RSS

my Yahoo

Google

MSN