Technology news and Jobs 
Information Technology News QuickTime 7.3 plugs multiple vulnerabilities
Information Technology News QuickTime 7.3 plugs multiple vulnerabilities | QuickTime 7.3 plugs multiple vulnerabilities |
|
| by Stephen Withers | |
| Tuesday, 06 November 2007 | |
      
The flaws addressed by the update affect the Mac and Windows versions of the software. Three involve the use of maliciously crafted movie files to cause applications to crash or execute arbitrary code. Two more relate to similar vulnerabilities relating to PICT files, and another to QuickTime VR files. QuickTime 7.3 also addresses "multiple vulnerabilities" in QuickTime for Java that could be used in privilege escalation attacks. QuickTime for Java is no longer accessible to untrusted Java applets. Apart from the "numerous bug fixes", QuickTime 7.3 includes updates for JavaScript in the QuickTime Web Plug-in and improved support for the creation of iPhone-compatible web content. QuickTime 7.3 is "recommended for all QuickTime 7 users" according to Apple officials, and is required for iTunes 7.5, which was released at the same time. In addition to bug fixes, iTunes 7.5 can activate an iPhone wherever service is offered and provides support for Phase, "a new interactive music game designed exclusively for iPod nano (third generation), iPod classic, and iPod (fifth generation)." QuickTime 7.3 and iTunes 7.5 are available via Software Update on Mac OS X, via Apple Software Update on Windows (if previously installed), or from Apple's web site.
|
Tags
| < Next story in category | Previous story in the category > |
|---|
