QuickTime 7.3.1 Fixes RTSP Vulnerability
Apple has released QuickTime 7.3.1, a security update that patches a potentially serious exploit (see “Protect Yourself from the QuickTime RTSP Vulnerability,” 2007-09-07). Unlike many recent security issues on the Mac, malicious code that took advantage of the QuickTime RTSP (Real Time Streaming Protocol) vulnerability was active in the wild: a specially crafted Web page could install malicious software on your computer. According to Apple’s security release notes, QuickTime 7.3.1 fixes the flaw in RTSP as well as holes in QuickTime’s Flash media handler.
Apple recommends the update for all users: it’s available via Software Update and in standalone form for Leopard (52.6 MB), Tiger (48.7 MB), Panther (50.9 MB), and Microsoft Windows XP and Vista (20.3 MB).