QuickTime flaws fixed in update

By
Follow google news

Researchers have discovered a number of flaws in Apple’s QuickTime media player that can result in DoS attacks and remote system access.

Apple has released an update for the flaws as part of QuickTime’s latest version, detailing the group of nine flaws on its support website.


Malicious users could create corrupt QuickTime, Flash, H.264, MPEG4 and AVI movies or FlashPix, PICT, BMP and JPEG images to take advantage of the flaws, which can result in application crash or arbitrary code execution, according to numerous security advisories.

The new version can be downloaded via software update preferences or from Apple downloads, according to the Cupertino, Calif., company.

Mike Price of McAfee’s AVERT Labs discovered six of the nine flaws, according to vulnerability monitoring form Secunia.

The flaws were first discovered on March 7, according to eEye Digital Security, which also published an advisory for the flaws.

Add iTnews as your trusted source

Add iTnews As Your Trusted Source Add iTnews As Your Trusted Source
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
fixedflawsinquicktimesecurityupdate

Sponsored Whitepapers

1 in 3 companies lose SaaS data. Here’s how to prevent it
1 in 3 companies lose SaaS data. Here’s how to prevent it
The biggest AI opportunities are still ahead
The biggest AI opportunities are still ahead
AI workflows vs. AI agents: From automation to autonomy
AI workflows vs. AI agents: From automation to autonomy
Context engineering with hybrid search for agentic AI
Context engineering with hybrid search for agentic AI
Building search in the age of generative AI: A blueprint for success
Building search in the age of generative AI: A blueprint for success

Events

Most Read Articles

Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases
GitHub compromised, allegedly by TeamPCP

GitHub compromised, allegedly by TeamPCP
Medibank reveals attack vector and cost of 2022 security breach

Medibank reveals attack vector and cost of 2022 security breach
Victorian bulk porting scammer gets over two years in prison

Victorian bulk porting scammer gets over two years in prison
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?