Apple patches Windows Quicktime flaw

Written by James Delahunty @ 04 Oct 2007 5:44 User comments (4)

Apple Inc. has issued updates that address security concerns with the Quicktime multimedia software for the Windows operating systems. The patch is for users of QuickTime v7.2 software, running Microsoft Windows Vista or Windows XP SP2. It addresses the vulnerability in CVE-2007-4673 which could allow an attacker to take control of a victim's PC.

The vulnerability is exploited with maliciously crafted files which are opened with QuickTime by unsuspecting users, leading to arbitrary code execution. "A command injection issue exists in QuickTime's handling of URLs in the qtnext field> in files with QTL content. By enticing a user to open a specially crafted file, an attacker may cause an application to be launched with controlled command line arguments, which may lead to arbitrary code execution," Apple describes.

The update is available at: http://www.apple.com/support/downloads/

Source:
News.com

<Halo 3 makes over $300 million USD in first week >CyberLink offers MakeDisc 3

4 user comments

111.10.2007 13:20

borhan9

Send private message to this user

AfterDawn Addict

Thanxs for the heads up i may update quicktime this weekend :)

211.10.2007 19:23

pryme_H

Send private message to this user

Senior Member

Although, I may never know...It's interesting how my computer coincidentally got infected with a virus and crashed just a couple of days ago. Apple is slipping. First, THIS; and then this flaw.

311.10.2007 19:41

olyteddy

Send private message to this user

Senior Member

IMHO anything Apple IS a virus. Have you ever tried to remove Quicktime? I use QTA.

412.10.2007 08:43

pryme_H

Send private message to this user

Senior Member

At olyteddy,
I uninstalled QuickTime right away as soon as I say this post.

Comments have been disabled for this article.

	YouTube Premium starts showing ads to subscribers (13 Nov 2024 3:09) For years, YouTube Premium has been marketed as a way to enjoy an ad-free YouTube experience. But apparently, that is no longer the case, as Premium subscribers are now starting to see ads on the platform.
	Android 16 will launch sooner than expected (01 Nov 2024 6:45) Google announced that upcoming Android 16 will break the traditional once-a-year cycle of major Android launches. Next Android is poised to launch in Q2 of 2025, so Android 16 should ship before end of June, 2025.
	Winamp ends its "open source" project that wasn't really open source (20 Oct 2024 11:12) Less than a month after the legendary MP3 player Winamp made its source code public, the company has made a sudden U-turn and removed its code from distribution. 2 user comments
	Winamp released its source code - but didn't go open source (25 Sep 2024 12:38) The source code of Winamp has now been officially released. However, it hasn't become a pure open-source project, as its licensing terms prohibit the creation of new, different versions.
	Does your phone rattle? Here's why it happens (25 Aug 2024 8:30) When you shake your phone and hear a light rattle, clatter, or jingle, it's likely not broken. The culprit is probably the optical image stabilization (OIS) system in your phone's camera, meaning everything is functioning as it should. 2 user comments

	Guide: Phone battery drains quickly - how to fix (iPhone / Android) In this guide, we go through the most typical reasons for rapid battery drain with phones, and look at potential reasons or solutions.
	GUIDE: Wi-Fi speeds are slow? Here are some tips Having problems with Wi-Fi speed and stability at home? Here are some tips to follow to alleviate the issues. 1 user comment
	What happens if you don't update Android? Sometimes it can be tempting to avoid updating to a new Android version. What happens if you decide to delay major updates to the OS?
	Does your phone rattle? Here's why it happens When you shake your phone and hear a light rattle, clatter, or jingle, it's likely not broken. The culprit is probably the optical image stabilization (OIS) system in your phone's camera, meaning everything is functioning as it should. 2 user comments
	What IP rating for dust and water resistance means An IP classification (such as IP68) is given to mobile phones, Bluetooth speakers, and other devices, but what do these classifications mean? 1 user comment

Apple patches Windows Quicktime flaw

4 user comments

Latest news

Reviews

Guides

News archive

Subscribe

Sections:

Follow us:

	Roborock S8 MaxV Ultra review - obstacle avoidance doesn't work as it should, otherwise almost perfect robot vacuum We put the Roborock S8 MaxV Ultra through a very, very long review process. The $1800 mopping robot vacuum is almost perfect, but its obstacle avoidance was surprisingly bad, considering the price - and compared to its competitors.
	Sharge x OnePlus Pouch review: Beautiful power bank that supports SuperVOOC charging In our review, we take a look at Sharge's power bank that supports OnePlus SuperVOOC quick charging technology as well as standard USB PD charging. It has small design flaws, but despite those, the Pouch is very nice product. 1 user comment
	Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets Roomba Combo j7+ is the very first Roomba model to combine robot vacuum with mopping features. And Roomba Combo j7+ does all that with a very clever trick, which tackles the problem with mopping and carpets. But is it any good? We found out.