Computer Help Community

Community

Cyber Tech Help Community

New Tutorials

More Tutorials
PC Tutorials

New Downloads

More Downloads
PC Downloads

Member Testimonials

Open Member Quote   Thanks guys and gals for helping me fix my computer with your wonderful database of readily and logically available information here. - giiviak  Close Member Quote
Member Testimonials
MY CYBER TECH HELP

LATEST TOPICS

Tech Help Community

Free Antivirus Scan

Free Virus Scan and a listing of the top 10 viruses in the wild - Free Antivirus Scan
Free Online Antivirus Scan

File Extension Database

Find what program a filetype belongs to in our searchable File Extension Database.
File Extension Database

Services

See what services Cyber Tech Help can offer your business or website: CTH Services
CTH Services

Related MS Links

Related Links
Cyber Tech Help Community

To the top of the page to top

 



Apple fixes more QuickTime media flaws

Latest News Latest News | News ArchiveNews Archive | Cyber Tech Help News RSS Feed!

Apple fixes more QuickTime media flawsApple fixes more QuickTime media flaws

Posted by: Tweaker
Date added: 08:57, 14th December 2007 GMT
Source: Computer World News

Apple

Apple Inc. patched several bugs in QuickTime on Thursday, including a three-week-old streaming media vulnerability for which exploit code has been in circulation since the end of November.

Unveiled Thursday afternoon, QuickTime 7.3.1 patches problems in how the program handles three types of media content. The most anticipated fix, however, plugged the Real-Time Streaming Protocol (RTSP) hole first disclosed Nov. 23 by Polish researcher Krystian Kloskowski.

Apple today also patched other media-related vulnerabilities, including a buffer overflow bug in the QuickTime movie file format (QTL) and an unspecified number of flaws in QuickTime's handling of Flash files. To fix the Flash vulnerabilities, Apple disabled QuickTime's media handler for all Flash content "except for a limited number of existing QuickTime movies that are known to be safe," according to a security advisory the company posted.

The Flash strategy was almost identical to the tack Apple took with Java a month ago when it last patched QuickTime. Then, Apple essentially gave up on Java; rather than patch QuickTime yet again, it simply killed most of its Java-handling skills.

Exploits against any of the vulnerabilities patched today could result in what Apple calls "arbitrary code execution," meaning an attacker can inject malware or hijack the system. Apple does not rank its software mistakes, but other vendors, such as Microsoft Corp., usually label such vulnerabilities as critical.

Existing copies of QuickTime can be updated to 7.3.1 using Mac OS X's built-in Software Update feature, while Windows XP and Vista users can either download the patched version from the Apple Web site or use the Windows-only update tool.

Tools:  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

 

Post a commentPost a comment

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!  Register to become a member!  Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

 

[ To the top of the page To top | Latest News Latest News | News Archive News Archive | Cyber Tech Help News RSS Feed! ]