Apple has released an upgrade to both the Mac and PC versions of its QuickTime media software, fixing at least seven issues that could potentially allow an attacker to control vulnerable systems. Among the security flaws resolved in the QuickTime 7.6 release are vulnerabilities within maliciously-crafted RTSP URLs and QTVR, AVI, MPEG-2, H.263, Cinepak and QuickTime-encoded movie files.
Apart from the security aspects of the update, version 7.6 includes some performance enhancements for H.2640-encoded and Motion JPEG media files, as well as some audio tweaks for AAC and MPEG video files. It also improves compatibility with Apple's iChat and Photo Booth applications. The company is advising all users to install the update immediately, which as usual you can obtain via the company's Automatic Update software or at Apple's Support Downloads site.