Critical QuickTime Update Released

Apple has fixed a bad QuickTime security flaw exposed at a recent security conference.

A flaw in QuickTime that was revealed at a show in order to win a prize for hacking a Mac was fixed by Apple 10 days later.

Users should immediately upgrade to Apple's QuickTime 7.1.6 which addresses the problem in QuickTime for Java.

Apple's advisory describing the problem says it "...may allow reading or writing out of the bounds of the allocated heap. By enticing a user to visit a web page containing a maliciously-crafted Java applet, an attacker can trigger the issue which may lead to arbitrary code execution."

Copyright 2007 by Ziff Davis Media, Distributed by United Press International


Explore further

QuickTime Exploit Details Disputed

Citation: Critical QuickTime Update Released (2007, May 3) retrieved 16 September 2019 from https://phys.org/news/2007-05-critical-quicktime.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
0 shares

Feedback to editors

User comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more