Apple patches QuickTime flaw


Apple patches QuickTime flaw

Antony Savvas

Apple has patched a critical security flaw in its QuickTime media software.

The company has issued the patch after exploit code for the flaw had already appeared on the internet.

Security Update 2007-001 can be downloaded and installed via Apple Software Update preferences or from Apple Downloads.

The flaw leaves users’ systems open to remote attack if they visit certain malicious websites, confirmed Apple.
The security hole is a result of a buffer overflow opportunity that exists in QuickTime's handling of RTSP URLs.

By enticing a user to access a maliciously-crafted RTSP URL, an attacker can trigger the buffer overflow, which may lead to arbitrary code execution.

The update addresses the issue by performing additional validation of RTSP URLs, said Apple.

Critical security bug found in Apple OS

Month of Apple bugs

Comment on this article:

Related Topics: PC hardware, VIEW ALL TOPICS

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

COMMENTS powered by Disqus  //  Commenting policy