Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

QuickTime 7.1.5 Patches Panther, Tiger, XP, Vista Exploits

Send Article to a Friend

Apple has released an update to QuickTime for Mac OS X 10.3.9 and later, Windows XP, and Windows Vista. QuickTime 7.1.5 fixes numerous bugs, along with a flaw that could enable a maliciously crafted file to crash a program employing QuickTime or to allow arbitrary code execution - a phrase that often means there's a potential for an attacker to gain control of a computer or, at least, install malware.

Affected file types are broad: 3GP videos, MIDI files, native QuickTime movies, images in the venerable PICT file format, and QTIF files. Apple's notes indicate that a user need only open a maliciously crafted file, which means that Web sites could be used to launch attacks by embedding QuickTime documents in the right format.

There have been no reports of this flaw being exploited in the wild. A previous QuickTime flaw related to handling of JavaScript was exploited, notably on MySpace. Apple claims to have provided a temporary fix to MySpace, but it's unclear if that fix has made it into QuickTime 7.1.5.

 

Updated! PDFpen for iPad 1.7: Designed for iOS 7, faster, and
better-looking. Edit your PDFs anywhere. Sign contracts, make
changes, fill forms, and more. All while you’re on the move.
Syncs via iCloud and Dropbox. <http://smle.us/tbpdfpen-ipad>