Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Quicktime upgrade time SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Quicktime upgrade time
Apple released a Quicktime upgrade to version 7.1 that fixes a number of vulnerabilities in the Quicktime viewer.

Normally I'd like suggest to read the release notes for details, but they are typically thin in explaining what's been fixed and/or otherwise changed.

Basically viewing crafted images:
and movies:
can lead to arbitrary code execution.

The fixed version is available for both OS X and Windows. The best about it all is that at least we don't get the implicit insults we should only visit trusted websites.

Without more information the only option is not to use quicktime or upgrade.

Swa Frantzen - Section 66

760 Posts
May 12th 2006

Sign Up for Free or Log In to start participating in the conversation!