Home › News › Industry News

Apple finally fixes year-old QuickTime flaw

On October 3, 2007, 5:34 PM

Last month, security researches Petko D. Petkov and Aviv Raff published proof-of-concept exploits to show that QuickTime still had a major protocol handling problem that could cause Firefox to install backdoors and other malware on a fully patched computer. Although the Mozilla team promptly patched the bug in Firefox 2.0.0.7, Apple has finally come up with its own fix for the year-old QuickTime vulnerability.

"A command injection issue exists in QuickTime's handling of URLs in the qtnext field in files with QTL content," the company explained. "By enticing a user to open a specially crafted file, an attacker may cause an application to be launched with controlled command line arguments, which may lead to arbitrary code execution."
The patch affects users of QuickTime 7.2 on Windows Vista and Windows XP SP2. A 7MB security update is available for download at the Apple’s website.

No tags on this story

Next Article: Stardock releases WindowBlinds 6, adds full Vista customization

TechSpot on:

Most Popular

Trending

Featured

Featured on PC Games

Downloads and Drivers

World of Warcraft Patch 5.3.0

Funny Photo Maker 2.4.1

More Downloads

Latest Discussion

Network documentation 9 replies on Storage and Networking

What OC could I achieve with... 5 replies on Overclocking, Cooling and Modding

Graphics card compability 7 replies on Audio and Video

GTX 660 TI VS GTX 660 8 replies on Audio and Video

What is the best graphics card my computer can handle? 6 replies on Audio and Video

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.

TechSpot

Welcome to TechSpot

Home › News › Industry News

Apple finally fixes year-old QuickTime flaw

Next Article: Stardock releases WindowBlinds 6, adds full Vista customization

Post a new comment

TechSpot on:

Most Popular

GeForce GTX 780 Review: The Titan Descendant

OCZ Vertex 450 Review: Vector-like Performance For Less

Xbox One: Entertainment hub first, gaming console second - but can it disrupt TV?

Microsoft officially announces Xbox One: here's what we know so far

Apple claims Samsung violates Siri patents with Google Now

OCZ Vertex 450 SSD Review

Nvidia GeForce GTX 780 Review

Xbox One: Entertainment Hub First, Gaming Console Second -- But Could It Disrupt TV?

Metro: Last Light Performance, Benchmarked

Building a Thin Mini-ITX PC: Small and Silent Performance

Featured on PC Games

74 Resident Evil: Revelations

82 Metro: Last Light

71 Strike Suit Infinity

81 Far Cry 3: Blood Dragon

85 Monaco: Whats Yours is Mine

Downloads and Drivers

Latest Discussion

Subscribe to TechSpot

Featured Tech Content - Inside TechSpot

	Social Login & Guest Posting Post as anonymous user			TechSpot Members Login here or sign up for free, it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.