Alert (TA09-022A)
Apple QuickTime Updates for Multiple Vulnerabilities
Systems Affected
- Apple QuickTime 7.5 for Windows and Mac OS X
Overview
Apple has released QuickTime 7.6 to correct multiple vulnerabilities affecting QuickTime for Mac OS X and Windows. Attackers may be able to exploit these vulnerabilities to execute arbitrary code or cause a denial of service.
Description
Apple QuickTime 7.6 addresses a number of vulnerabilities affecting QuickTime. An attacker could exploit these vulnerabilities by convincing a user to access a specially crafted media or movie file. This file could be hosted on a web page or sent via email.
Impact
The impacts of these vulnerabilities vary. Potential consequences include arbitrary code execution and denial of service.
Solution
Upgrade to QuickTime 7.6. This and other updates are available via Software Update or via Apple Downloads.
References
- About the security content of QuickTime 7.6 - http://support.apple.com/kb/HT3403
- Apple Support Downloads - http://support.apple.com/downloads/
- Mac OS X - updating your software - http://support.apple.com/kb/HT1338?viewlocale=en_US
- Securing Your Web Browser - https://www.us-cert.gov/reading_room/securing_browser/
Revision History
- January 22, 2009: Initial release
This product is provided subject to this Notification and this Privacy & Use policy.
