Apple Releases Security Updates for QuickTime

Apple QuickTime for

• Apple Mac OS X
• Microsoft Windows

Apple has released Apple QuickTime 7.2 to correct several vulnerabilities. These vulnerabilities could allow an attacker to gain access to your computer.

Solution

Install an Update

OS X users should use the Mac OS X Software Update feature to download and install Apple QuickTime 7.2. Consider scheduling Software Update to check for updates automatically (this option is enabled by default).

Microsoft Windows users should upgrade to Apple QuickTime 7.2.

QuickTime prior to version 7.2 has multiple image and media file handling vulnerabilities that could allow an attacker to run malicious programs on your computer. This could happen by visiting a malicious web site. Upgrading to Apple QuickTime version 7.2 will correct these vulnerabilities.

Note that QuickTime ships with Apple iTunes.

For more technical information, see US-CERT Technical Alert TA07-193A and the Apple QuickTime Security Update.

References

• US-CERT Technical Alert TA07-193A - <http://www.us-cert.gov/cas/techalerts/TA07-193A.html>
• Vulnerability Notes for QuickTime 7.2 - <http://www.kb.cert.org/vuls/byid?searchview&query=QuickTime_72>
• About the security content of the QuickTime 7.2 Update - <http://docs.info.apple.com/article.html?artnum=305947>
• Apple QuickTime 7.2 for Windows - <http://www.apple.com/support/downloads/quicktime72forwindows.html>
• Apple QuickTime 7.2 for Mac - <http://www.apple.com/support/downloads/quicktime72formac.html>
• Standalone Apple QuickTime Player - <http://www.apple.com/quicktime/download/standalone.html>
• Mac OS X: Updating your software - <http://docs.info.apple.com/article.html?artnum=106704>
• Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/>

.

Revision History

• July 12, 2007: Initial release