Find a Review
Locate wireless services by a specific address, city, state, country, airport, or zip code.
- Get tech advice from thousands of PC World Members
- Rate and recommend the latest tech products
- Share your thoughts in blog and article comments
- Get free excerpts and exclusive discounts on Super Guides
Apple Patches QuickTime Vulnerabilities
Flaws could allow attackers to run malicious code on Mac OS X and Windows PCs.
Robert McMillan, IDG News Service
Just as Microsoft is releasing its monthly security patches, Apple Computer has fixed a number of nasty bugs in its QuickTime media player.
The fixes, which can be found in QuickTime 7.0.4, fix a total of five flaws in the player that could be used by attackers to run unauthorized code on a Max OS X or Windows computer running QuickTime.
Attackers theoretically could exploit the bugs by tricking a user into viewing a maliciously crafted image or media file with the QuickTime Player, Apple said in a statement released Monday.
The images could come in a variety of formats, including TIFF, GIF, TGA, or QTIF, Apple said.
Wide-Ranging Fix
Kyle Haugsness of the SANS Internet Storm Center seemed impressed by the scope of this update.
"To summarize the advisory: A maliciously-crafted GIF/TIFF/TGA/QTIF image or multimedia file may result in arbitrary code execution," he wrote in a Tuesday Web posting. "Well that pretty much covers the whole Web browsing thing."
Image-related security vulnerabilities have grabbed a lot of attention lately, thanks in large part to a WMF (Windows Metafile) bug that hackers were exploiting last week. The WMF bug eventually gathered so much attention that on Thursday Microsoft took the unusual step of patching it several days ahead of its regularly scheduled security software update. That regular update occurred on Tuesday.
PC World's Marketplace
PC World's Free Whitepapers
tech news tech blogs community & forums laptop prices software reviews downloads
