blob: f85fa7679bea1a5d4ef3303747ee81973e3fdd29 (
plain)
1
2
3
4
5
6
7
8
9
10
11
|
If you use Apple's Software Update to download the new iTunes update you'll notice there's also an update available for Quicktime which marks the second Quicktime has been updated this month. Earlier in the month Apple released an update to [address the flaws found during last month's Hack A Mac contest][1].
Today's release [addresses two flaws in Quicktime][2] both related to how Quicktime interacts with Java. One of the flaws will allow for remote code execution and the other will expose sensitive user data.
Both flaws require a user to visit a site containing a maliciously crafted Java applet.
The updates are recommended for all users on both Windows and Mac. And while you're at it make sure that you've got the previous update installed since the security firm Secunia said earlier this month that only about a third of users have downloaded that patch.
[1]: http://blog.wired.com/monkeybites/2007/05/apple_patches_q.html "Apple Patches Quicktime, Security Firm Still Not Happy"
[2]: http://docs.info.apple.com/article.html?artnum=305531 "Security Update (QuickTime 7.1.6)"
|
