TechTarget

Apple patches QuickTime flaw

Apple has patched a critical security flaw in its QuickTime media software.

This Article Covers

PC

Apple has patched a critical security flaw in its QuickTime media software.

The company has issued the patch after exploit code for the flaw had already appeared on the internet.

Security Update 2007-001 can be downloaded and installed via Apple Software Update preferences or from Apple Downloads.

The flaw leaves users’ systems open to remote attack if they visit certain malicious websites, confirmed Apple.
   
The security hole is a result of a buffer overflow opportunity that exists in QuickTime's handling of RTSP URLs.

By enticing a user to access a maliciously-crafted RTSP URL, an attacker can trigger the buffer overflow, which may lead to arbitrary code execution.

The update addresses the issue by performing additional validation of RTSP URLs, said Apple.

Critical security bug found in Apple OS

Month of Apple bugs

Comment on this article: computer.weekly@rbi.co.uk

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close