iTWire - Apple fixes QuickTime for Java security flaw

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

Apple fixes QuickTime for Java security flaw

E-mail

by Stephen Withers
Wednesday, 02 May 2007
Apple has moved quickly to fix the QuickTime for Java vulnerability that earned discoverer Dino Dai Zovi a $10,000 purse from a competition at the recent CanWestSec security conference. Featured Whitepaper 5 Best Practices for Smartphone Support QuickTime 7.1.6 for Mac OS X and Windows overcomes the vulnerability that allowed reading or writing out of the bounds of the allocated heap. This flaw meant a maliciously crafted Java applet could trigger the execution of arbitrary code. The speedy release of the patch - just a week and a half after the flaw was discovered - underlines its seriousness. A successful exploit meant an attacker could gain control of a computer simply by luring its user to a malicious web page. No other action is required of the user, and there is no outward sign that the attack is taking place. Thus the vulnerability has been likened to the ANI flaw in Windows, which led Microsoft to release a patch outside its normal monthly release cycle. Other changes in version 7.1.6 include support for Final Cut Studio 2 and timecode and closed captioning display in QuickTime Player. The Windows version also includes "numerous bug fixes" according to Apple officials. Mac users may download the update from Apple's web site or via Software Update; Windows users can download it from Apple's web site or via the Apple Software Update utility installed as part of the 'iTunes + QuickTime' package.{moscomment} Tags See All Tags Apple Macintosh Malware Web Windows iTunes Powered By Joomla Tags Please enable JavaScript in your browser to post your comment!

< Next story in category		Previous story in the category >

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Business & IT Transformation Roles

Systems Analysts	Business Process Analysts
Test Analysts	Business Analysts
Business Readiness Analysts

Project C

stats for wordpress