D
DelJo63
On the 23 of January, Apple issued a Security Update for the Quicktime player to address a vulnerability, which was published on the first day of the year. A bit late, considering that the issue is fairly-straight forward to exploit (in fact, Secunia knows of at least two working exploits in the wild) and the fact that Quicktime is installed on more than 50% of private PCs*.
But now the patch is out, all is forgiven and everyone is happy, because now they can secure their system. Right?
WRONG!
Turns out, only Apple Mac OS X users can download the security update. Windows users, who download the latest version of Quicktime are (at the time of writing, 2 days after the Security Update was published by Apple) still vulnerable.
If you're a Windows user, you simply can't download a non-vulnerable version. Secuniawas informed about this issue because we received an enormous amount of feedback from users of the Secunia Software Inspector. They complained that they had just downloaded the "latest" version from Apple and that the Software Inspector was wrong in reporting that they were still were vulnerable!
see the details at http://secunia.com/blog/7/
But now the patch is out, all is forgiven and everyone is happy, because now they can secure their system. Right?
WRONG!
Turns out, only Apple Mac OS X users can download the security update. Windows users, who download the latest version of Quicktime are (at the time of writing, 2 days after the Security Update was published by Apple) still vulnerable.
If you're a Windows user, you simply can't download a non-vulnerable version. Secuniawas informed about this issue because we received an enormous amount of feedback from users of the Secunia Software Inspector. They complained that they had just downloaded the "latest" version from Apple and that the Software Inspector was wrong in reporting that they were still were vulnerable!
see the details at http://secunia.com/blog/7/
