Mac users can upgrade to QuickTime 7.4.1 using the operating system's built-in Software Update feature, while Windows users can either download the new edition from the Apple site or use the Windows-only update tool. In 2007, the company patched 34 vulnerabilities in its multimedia player program. In mid-January, Apple patched four other vulnerabilities in QuickTime today's fix, the fifth for the year, puts Apple on an annual pace of 45 total QuickTime bugs.
Today's security advisory noted that a successful attack "may lead to an unexpected application termination or arbitrary code execution." The phrase "arbitrary code execution" is Apple's way of saying that attackers may be able to insert their malicious code into the victim's computer and snatch control of it. "The problem reported by was caused by his non-default configuration.
In an e-mail, Auriemma explained the confusion last month over whether Macs were vulnerable. Apple has now confirmed that macOS 10.15 won’t support 32-bit software, which includes QuickTime 7 and all media formats and codecs relying on it. According to the company, not only are Windows XP and Vista affected, but also the players included with Mac OS X 10.3, 10.4 and 10.5.
Apple updated both the Windows and Mac versions of QuickTime today. Shortly after that, however, another researcher claimed that only the Windows edition was buggy.Īpparently not. Last month, Italian researcher Luigi Auriemma posted sample attack code for the vulnerability, which he said could be exploited using both the Windows and Mac OS X versions of QuickTime.
0 kommentar(er)
