News

QuickTime hole awaits patch

A critical hole in Apple Computer's QuickTime media player has been identified and is awaiting a patch.

The vulnerability rated at "high severity" by eEye Digital Security, enables malicious code to be run on someone's machine "with little user interaction".

The hole exists across all versions of QuickTime and is present in the software's default settings, increasing the risk of the hole being used by hackers.

Apple was informed on 18 February and is working on a patch. eEye has stuck the problem in its upcoming advisories, complete with a bar chart showing that with only 15 days having passed since the bug was discovered, Apple users have not yet passed into dangerous territory.

eEye has flagged up no less than three high severity problems with Microsoft software, all of which are well past the maximum 60-day level that eEye feels is appropriate. eEye discovered the critical ASN flaw in Windows last month.

Kieren McCarthy writes for Techworld.com


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy