This article originally appeared in TidBITS on 2007-12-14 at 11:48 p.m.
The permanent URL for this article is:
Include images: Off

QuickTime 7.3.1 Fixes RTSP Vulnerability

by Jeff Carlson

Apple has released QuickTime 7.3.1, a security update that patches a potentially serious exploit (see "Protect Yourself from the QuickTime RTSP Vulnerability [1]," 2007-09-07). Unlike many recent security issues on the Mac, malicious code that took advantage of the QuickTime RTSP (Real Time Streaming Protocol) vulnerability was active in the wild: a specially crafted Web page could install malicious software on your computer. According to Apple's security release notes [2], QuickTime 7.3.1 fixes the flaw in RTSP as well as holes in QuickTime's Flash media handler.

Apple recommends the update for all users: it's available via Software Update and in standalone form for Leopard [3] (52.6 MB), Tiger [4] (48.7 MB), Panther [5] (50.9 MB), and Microsoft Windows XP and Vista [6] (20.3 MB).