Apple releases QuickTime 7.7.3 for Windows, patches critical security vulnerabilities

Apple releases QuickTime 7.7.3 for Windows, patches critical security vulnerabilities

Summary: Apple just released QuickTime 7.7.3 for Windows, patching critical security vulnerabilities that could allow arbitrary code execution.

SHARE:
TOPICS: Security
5

Apple just released QuickTime 7.7.3 for Windows, patching critical security vulnerabilities that could allow arbitrary code execution.

More details on the patched vulnerabilities:

CVE-2011-1374 - Viewing a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution
CVE-2012-3757 - Viewing a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution
CVE-2012-3751 - Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
CVE-2012-3758 - Viewing a maliciously crafted QuickTime TeXML file may lead to an unexpected application termination or arbitrary code execution
CVE-2012-3752 - Viewing a maliciously crafted QuickTime TeXML file may lead to an unexpected application termination or arbitrary code execution
CVE-2012-3753 - Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
CVE-2012-3754 - Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
CVE-2012-3755 - Viewing a maliciously crafted Targa file may lead to an unexpected application termination or arbitrary code execution
CVE-2012-3756 - Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution

Users are advised to upgrade to the latest version immediatelly.

Find out more about Dancho Danchev at his LinkedIn profile.

Topic: Security

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

5 comments
Log in or register to join the discussion
  • ...and here we go!

    Sorry, Chkaiban - did you say something...
    William Farrel
  • more buggy

    code from apple
    hoppmang
  • Apple Products Should Be Band On Windows.

    They have more security bugs than any other product on Windows. Is it a coincidence that they are competitors and Apple used the malware on Windows against MS in past comercials ("I'm A MAC, I'm A PC")?
    rmark@...
  • arbitary code execution

    how do you rely on a vendor when they make software that can execute external code from something as innocent as a font or a media file?
    warboat
  • Here we go again...

    So what took mApple so long? They sat on 9 vulnerabilities. Shouldn't they release an update a bit sooner instead wait months.

    [Oh now i know why. They will now claim they only release let's say 5 updates this year instead of the usual dozen by delaying updates - of course making our coimputers vulnerable to problems.]
    Gisabun