First for mac news, reviews and know-how
SEARCH FOR:   Advanced Search       
Welcome Guest  Register Log in

News 

[PSUs]
Thursday 7th February 2008
UPDATED: Apple patches QuickTime flaws 6:43AM, Thursday 7th February 2008
Apple has released the latest update for QuickTime, closing a security vulnerability and fixing a compatibility issue with Adobe After Effects.

The security update addresses a heap buffer overflow that exists in QuickTime's handling of HTTP responses when RTSP (real time streaming protocol) tunneling is enabled.

By enticing a user to visit a maliciously crafted webpage, an attacker may cause an unexpected application termination or arbitrary code execution. The
 
 
ADVERTISEMENT
update addresses the issue through improved bounds checking.

The update also fixes a problem that could prevent rendering in After Effects.

QuickTime 7.4.1 is available for Leopard, Panther and Tiger systems via Software Update or from apple.com/support/downloads.

Apple has also provided more details of the content of the latest iPhoto update. Through improved handling of format strings when processing photocast subscriptions, the update addresses a vulnerability that could let a remote attacker cause arbitrary code execution.

The update also enhances the resolution of images in a WebGallery to 1024x768, a change designed to improve viewingon the web and Apple TV.
Simon Aughton

Submit to: Digg  |  Slashdot  |  Del.icio.us  |  Technorati

Related News


Back to top
› See more News

Columns

Editorial: Do brands need space to grow?

With one key press, Apple deleted the space between the iPhone's 3G and S. › See full Opinion
› See more Columns