Critical Apple QuickTime flaw dings Windows OS

Apple has shipped QuickTime 7.6.7 to fix a critical vulnerability that exposes Windows users to malicious hacker attacks.

Apple has shipped QuickTime 7.6.7 to fix a critical vulnerability that exposes Windows users to malicious hacker attacks.

The update, available for Windows XP SP3 and later, Windows Vista and Windows 7, corrects a flaw that could be exploited to launch remote code execution attacks.

According to Apple's advisory, the flaw could be exploited with a maliciously crafted movie file.

A stack buffer overflow exists in QuickTime's error logging. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by disabling debug logging. This issue does not affect Mac OS X systems.

QuickTime 7.6.7 may be obtained from the Windows software update application, or from theQuickTime Downloads site.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All