Another Apple QuickTime bug reported

By
Follow google news

US-CERT has issued an alert concerning a new zero-day vulnerability in the Apple QuickTime media player.


Attackers can exploit the flaw to install malicious code on a user's machine if they open a specially crafted QuickTime file, US-CERT said Wednesday evening.

The researcher who reportedly discovered the vulneraiblity, Petko Petkov of the Gnucitizen think tank, could not immediately be reached for comment.

"US-CERT encourages users to use caution when opening QuickTime files, and apply best security practices...to help mitigate the risks," according to the alert.

So far this year, Apple has delivered three security updates to remedy bugs in QuickTime.

Vulnerable client-side software is nothing new, as researchers have reported similar problems in other offerings.

An Apple spokeswoman did not respond to a request for comment on Thursday.

See original article on scmagazineus.com
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
anotherapplebugquicktimereportedsecurity

Sponsored Whitepapers

Uncomplicate IT Service Delivery with AI Agents
Uncomplicate IT Service Delivery with AI Agents
Getting ahead of the tech: what’s next for Australian organisations in digital transformation
Getting ahead of the tech: what’s next for Australian organisations in digital transformation
Fintech compliance made fast and secure
Fintech compliance made fast and secure
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
2025 Security operations insights: Three-quarters of security leaders need something new in SIEM
2025 Security operations insights: Three-quarters of security leaders need something new in SIEM

Events

Most Read Articles

Researchers find critical vulnerabilities in cloud-based password managers

Researchers find critical vulnerabilities in cloud-based password managers
Service NSW launches Digital ID pilot

Service NSW launches Digital ID pilot
Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases
Victoria's whole-of-government CISO has left

Victoria's whole-of-government CISO has left
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?