Thursday, February 7th 2008
Critical QuickTime 7.4 Bug Patched
Apple has released a security fix for its QuickTime media player software, fixing a critical bug that had been worrying security experts for nearly a month. The update, released Wednesday, fixes a vulnerability in the Real Time Streaming Protocol (RTSP) used by QuickTime to handle streaming media. It also fixes a previously reported incompatibility between QuickTime 7.4 and Adobe Premiere and After Effects, according to an Apple spokesman. In January, researcher Luigi Auriemma disclosed the flaw by posting proof-of-concept attack code that could be used to run unauthorised software on a victim's computer. For the attack to work, the criminal would have to first trick the user into viewing a maliciously encoded QuickTime media file. Wednesday's QuickTime 7.4.1 update is for both the Mac OS X and Windows operating systems.
Source:
Techworld
2 Comments on Critical QuickTime 7.4 Bug Patched