Apple patches Windows Quicktime flaw

Apple patches Windows Quicktime flaw
Apple Inc. has issued updates that address security concerns with the Quicktime multimedia software for the Windows operating systems. The patch is for users of QuickTime v7.2 software, running Microsoft Windows Vista or Windows XP SP2. It addresses the vulnerability in CVE-2007-4673 which could allow an attacker to take control of a victim's PC.

The vulnerability is exploited with maliciously crafted files which are opened with QuickTime by unsuspecting users, leading to arbitrary code execution. "A command injection issue exists in QuickTime's handling of URLs in the qtnext field> in files with QTL content. By enticing a user to open a specially crafted file, an attacker may cause an application to be launched with controlled command line arguments, which may lead to arbitrary code execution," Apple describes.



The update is available at: http://www.apple.com/support/downloads/

Source:
News.com

Written by: James Delahunty @ 4 Oct 2007 17:44
Advertisement - News comments available below the ad
  • 4 comments

  • borhan9

    Thanxs for the heads up i may update quicktime this weekend :)

    11.10.2007 13:20 #1

  • pryme_H

    Although, I may never know...It's interesting how my computer coincidentally got infected with a virus and crashed just a couple of days ago. Apple is slipping. First, THIS; and then this flaw.


    11.10.2007 19:23 #2

  • olyteddy

    IMHO anything Apple IS a virus. Have you ever tried to remove Quicktime? I use QTA.

    11.10.2007 19:41 #3

  • pryme_H

    At olyteddy,
    I uninstalled QuickTime right away as soon as I say this post.


    12.10.2007 08:43 #4

© 2024 AfterDawn Oy

Hosted by
Powered by UpCloud