Friday

QuickTime update closes security hole



On 12 September, pdp introduced us to a 0-day exploit: Quicktime owns Firefox.
It was possible to execute program code on computers running Firefox by means of specially prepared QuickTime Link files (.qtl). The Firefox developers had already released a patch to resolve this in Firefox 2.0.0.7. Now, Apple is fixing the cause of the problem in QuickTime 7.2 for Windows Vista and XP Service Pack 2. Mac OS X was never not affected.

Security Update for QuickTime 7.2

No comments: