HomeInternetApple Releases 7.3.1 Update to Fix QuickTime Vulnerability

Apple Releases 7.3.1 Update to Fix QuickTime Vulnerability

QuickTime 7.3.1 Version released Apple has issued an update for its multimedia framework QuickTime that fixes a number of security problems that are present in the application.

Fixed in QuickTime 7.3.1 is the application’s handling of Real Time Streaming Protocol (RTSP) headers that enabled arbitrary code execution. Detected in November-end, this security issue’s proof-of-concept was published a couple of days post after it was discovered.

The second fix issued in this update is for a bug enabled a maliciously crafted QTL file that may lead to an unexpected application termination or arbitrary code execution.

- Advertisements -

And the last and final fix is for the multiple flaws in the QuickTime’s Flash media handler. As per Apple, thanks to this update, the Flash media handler in QuickTime is disabled except for a limited number of existing QuickTime movies that are known to be safe.

Apple’s site also has four separate patches for – three for the Mac OS X Panther, Tiger, and Leopard; and one for Windows. You need to run the software update in your OS to get the update. While the Panther download is a 50.9 MB, Tiger’s is 48.7 MB, Leopard is a 52.6 MB download and the Windows’ one is a 20.3 MB download.

In a security advisory issued, Apple stated: “With this update, the Flash media handler in QuickTime is disabled except for a limited number of existing QuickTime movies that are known to be safe. Credit to Tom Ferris of Adobe Secure Software Engineering Team (ASSET), Mike Price of McAfee Avert Labs, and security researchers Lionel d’Hauenens & Brian Mariani of Syseclabs for reporting this issue.”

- Advertisements -

LATEST