Apple today released another iteration of its QuickTime media player, fixing at least seven security vulnerabilities found in previous versions of the software for Mac, Windows XP and Windows Vista. Six out of the seven security holes fixed by version 7.3 could allow an attacker to run unauthorized software on a victim’s PC.
The seventh flaw lies in QuickTime for Java, and it could allow Java applets to obtain elevated privileges. The update addresses this issue by making QuickTime for Java no longer accessible to untrusted Java applets.
Apple also refreshed iTunes, bumping it up to version 7.5, but there is no security content associated with that release. The new version of iTunes extends iPhone activation to “wherever service is offered,” just ahead of the phone’s debut in the U.K. and Germany this Friday. It also adds support for Phase, a new interactive music game designed exclusively for iPod nano, iPod classic, and fifth-generation iPods.