Apple pushes new QuickTime version for Windows

By on
Apple pushes new QuickTime version for Windows

Flaw impacts Windows 7, Vista, and XP SP 2 and 3.

Apple has issued a new version of its QuickTime video player for Windows to address a "critical" vulnerability that could allow cybercriminals to execute arbitrary code on an affected system.

QuickTime 7.6.7 resolves a stack buffer overflow vulnerability in QuickTime's error logging process, according to Apple's advisory. Because of the flaw, viewing a maliciously crafted movie file could lead to unexpected application termination or arbitrary code execution.

The flaw impacts Windows 7, Vista, and XP SP 2 and 3, according to Apple. The issue does not affect Mac OS X systems. 

Researchers earlier this month discovered two movie files on file-sharing networks that were taking advantage of QuickTime Player to download malware from malicious websites.

But the attack, which used .MOV files that masqueraded as the new Angelina Jolie film Salt, did not take advantage of a flaw but instead relied on social engineering to trick users into downloading the malware, Apple has said.

See original article on scmagazineus.com

Copyright © SC Magazine, US edition
Tags:
In Partnership With

Most Read Articles

Log In

Username / Email:
Password:
  |  Forgot your password?