AfterDawn: Tech news

Apple patches Windows Quicktime flaw

Written by James Delahunty (Google+) @ 04 Oct 2007 17:44 User comments (4)

Apple patches Windows Quicktime flaw Apple Inc. has issued updates that address security concerns with the Quicktime multimedia software for the Windows operating systems. The patch is for users of QuickTime v7.2 software, running Microsoft Windows Vista or Windows XP SP2. It addresses the vulnerability in CVE-2007-4673 which could allow an attacker to take control of a victim's PC.
The vulnerability is exploited with maliciously crafted files which are opened with QuickTime by unsuspecting users, leading to arbitrary code execution. "A command injection issue exists in QuickTime's handling of URLs in the qtnext field> in files with QTL content. By enticing a user to open a specially crafted file, an attacker may cause an application to be launched with controlled command line arguments, which may lead to arbitrary code execution," Apple describes.

The update is available at: http://www.apple.com/support/downloads/

Source:
News.com

Previous Next  

4 user comments

111.10.2007 13:20

Thanxs for the heads up i may update quicktime this weekend :)

211.10.2007 19:23

Although, I may never know...It's interesting how my computer coincidentally got infected with a virus and crashed just a couple of days ago. Apple is slipping. First, THIS; and then this flaw.


311.10.2007 19:41

IMHO anything Apple IS a virus. Have you ever tried to remove Quicktime? I use QTA.

Comments have been disabled for this article.

News archive