June 01, 2009

Apple patches QuickTime for 10 security holes

Apple on Monday released an updated version of its popular QuickTime software.

Version 7.6.2 closes 10 vulnerabilities, all of which could have been exploited to execute arbitrary code, according to an advisory. Attackers would have spread their exploits by persuading users into opening maliciously crafted movie files or images.

In January, Apple pushed out fixes for seven QuickTime bugs. Experts have said attackers prefer taking advantage of these type of client-side problems because many users trust popular multimedia software.

Apple on Monday also delivered the latest update to iTunes, according to a second advisory. Version 8.2 patches for one vulnerability, a stack buffer overflow issue that could be exploited if a user visits a malicious website.

This was the second iTunes update of the year.




Related Articles
Related Topics

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.