The vulnerabilities expose both Macs and Windows PCs to cyberattack, Apple said in a security alert. In all cases, an attacker could craft a malicious file which, when opened with QuickTime, could give the miscreant full control over a computer running the software, Apple said.
The problems lie in the way QuickTime handles a number of formats. The security updates repair problems in the way the software handles QuickTime, MIDI, 3GP, PICT and QTIF files, according to the Apple alert.
The fixed version of QuickTime is release 7.1.5. Along with the fixes, the latest version also includes some functionality improvements, Apple said. The update is available for download from Apple's Web site or through the Apple update feature, the company said.
Apple patches eight QuickTime holes
Posted on Tuesday, Mar 06 2007 @ 17:40 CET by Thomas De Maesschalck