Skip to content
Thoughtful, detailed coverage of everything Apple for 28 years
and the TidBITS Content Network for Apple professionals

QuickTime 7.1.5 Patches Panther, Tiger, XP, Vista Exploits

Apple has released an update to QuickTime for Mac OS X 10.3.9 and later, Windows XP, and Windows Vista. QuickTime 7.1.5 fixes numerous bugs, along with a flaw that could enable a maliciously crafted file to crash a program employing QuickTime or to allow arbitrary code execution – a phrase that often means there’s a potential for an attacker to gain control of a computer or, at least, install malware.

Affected file types are broad: 3GP videos, MIDI files, native QuickTime movies, images in the venerable PICT file format, and QTIF files. Apple’s notes indicate that a user need only open a maliciously crafted file, which means that Web sites could be used to launch attacks by embedding QuickTime documents in the right format.

There have been no reports of this flaw being exploited in the wild. A previous QuickTime flaw related to handling of JavaScript was exploited, notably on MySpace. Apple claims to have provided a temporary fix to MySpace, but it’s unclear if that fix has made it into QuickTime 7.1.5.

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 28 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.