Patch for cross-platform QuickTime flaw available

By Justin Mann on January 11, 2006, 1:48 PM
A set of flaws in the QuicktTime libraries has been patched by Apple, with a fix available for all systems. The flaws, which went largely unnoticed at first, affect QuickTime software running on Windows 2000, Windows XP and Mac OS X 10.3.9, and stems from the QuickTime libraries that the QuickTime Player and iTunes, among other software, use. The flaw could result in a system being compromised with arbitrary code execution possible, though there are not reports yet of people being compromised in this manner. This is one of those rare quirks that, even if largely unnoticed, is still unique because it is cross-platform. An updated version of QuickTime is available from Apple.




User Comments: 12

Got something to say? Post a comment
Cartz said:
It'll be interesting to see how people react to this flaw, as opposed to some of the recent MS media flaws, seeing as this would appear to have been the fault of Apple Computers.I didn't know anything about this bug until this article, I find it interesting that people wave flags and ring alarm bells over every flaw found in Windows. Yet, this bug just slipped silently by until a patch was available. It's almost like some people don't like Microsoft and want to see their image suffer or something :p [Edited by Cartz on 2006-01-11 14:19:13]
Masque said:
All eyes are on M$, which is how the others like it. Keeps the heat off of them.
exscind said:
Well, it's the whole popularity thing. Let's say 100 people use MS, but only 10 use Apple. So there's just a higher inherent probablity that more people will complain/whine about MS flaws and its image than Apple. Not too many people use QuickTime when compared to Windows Media Player (or any of its similar variations), so it is not unthinkable that the QuickTime flaw goes by unnoticed.
Vaerilis said:
I think that Quicktime Player is fairly common among Win XP users. A lot of websites offer streaming content in .mov format, and the default player for that is Quicktime Player. The same goes for H.264 encoded files (though they are still a rare find on the web), which either need QT7 or a player like the good old - albeit not so commonly used - Media Player Classic (MPC).
DragonMaster said:
Why I don't use QT? It's annying : Ads, ads, little taskbar icon that can't be disabled(Or very hard to)RealPlayer is as much annoying.That's why I use Winamp and WMP 6.
spike said:
I use a wquicktime alternative - smaller, and doesn't come bundled with that itunes bloat (I have nothing against itunes - I'm just not interested in it)
MonkeyMan said:
I use quicktime, mostly for video purposes. On occasion, it does crash every once in a while, so I'm wondering, is it related to this flaw? maybe so, but I will watch out for the update.
Race said:
So it looks like there is no choice.....if you upgrade to QT 7.0, you have to install the ITunes feature as well. (I'm going to read the fine print)I'm currently using 6.0 (plug-in), and if I can't get an update without ITunes, I'll sit tight.
Mictlantecuhtli said:
[b]Originally posted by Cartz:[/b][quote]I didn't know anything about this bug until this article, I find it interesting that people wave flags and ring alarm bells over every flaw found in Windows. Yet, this bug just slipped silently by until a patch was available. It's almost like some people don't like Microsoft and want to see their image suffer or something :p[/quote]Usually Apple just lets people know that a fix is available for a potential vulnerability.I find it interesting too that I haven't seen any applications (or scripts) taking advantage of unpatched vulnerabilities in OSX.
ThomasNews said:
You can get Quicktime 7 without iTunes;[url]http://www.apple.com/quicktime/download/standalo
e.html[/url]iTunes 6.0.2 has also been released. Me, I just use foobar2000 as my media player. iTunes I only use for the iPoid support
spike said:
Quicktime Alternative has an unpatched vulnerability...[url]http://secunia.com/advisories/18202/[/u
l]just thought I'd let you know. Current version is 1.67
mentaljedi said:
Many people have QT but don't use it. And i'm glad that this went by unnoticed. Shows that Apple's on the ball.
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.