QuickTime hole awaits patch


QuickTime hole awaits patch

A critical hole in Apple Computer's QuickTime media player has been identified and is awaiting a patch.

The vulnerability rated at "high severity" by eEye Digital Security, enables malicious code to be run on someone's machine "with little user interaction".

The hole exists across all versions of QuickTime and is present in the software's default settings, increasing the risk of the hole being used by hackers.

Apple was informed on 18 February and is working on a patch. eEye has stuck the problem in its upcoming advisories, complete with a bar chart showing that with only 15 days having passed since the bug was discovered, Apple users have not yet passed into dangerous territory.

eEye has flagged up no less than three high severity problems with Microsoft software, all of which are well past the maximum 60-day level that eEye feels is appropriate. eEye discovered the critical ASN flaw in Windows last month.

Kieren McCarthy writes for Techworld.com

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy