Application security, Patch/Configuration Management, Vulnerability Management

Apple closes 11 QuickTime holes

Apple late Wednesday released an update to its popular media player QuickTime, addressing 11 vulnerabilities that could be exploited by attackers to compromise PCs.

Most of the flaws, ranked "highly critical" by tracking firm Secunia, can be exploited to cause buffer overflows when unsuspecting end-users are tricked into viewing a maliciously crafted video file.

All of the 11 vulnerabilities affect unpatched Windows Vista machines, while nine impact systems running Mac OS X.

This is the third time this year that Apple has pushed out QuickTime updates.

Experts said many attackers are turning to media player exploits because users tend to trust links promising video. As a defense, users are advised not to visit untrusted websites or click on unknown links.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.