Apple updates QuickTime for Windows and Mac OS X 10.5
On Tuesday night, Apple released an update for its QuickTime multimedia application. Version 7.6.9 is available for users running Windows XP SP2 or later and Mac OS X 10.5.8 (Leopard) – users running the latest version (10.6) of Mac OS X (Snow Leopard) are reportedly not affected. According to Apple, the latest update fixes a total of 15 security vulnerabilities.
The company says that 14 of the bugs can be used by attackers to crash QuickTime and possibly lead to the execution of malicious code on a victim's system. Two of the bugs are present in the Windows version of QuickTime only, one of which allows privilege escalation.
The vulnerabilities fixed in QuickTime 7.6.9 include bugs affecting the way JP2 and Flashpix images, AVI files and other film formats, are handled. In view of the number of arbitrary code execution issues, an immediate update is advisable. According to Apple, these problems have already been fixed (by the last update) under Mac OS X 10.6.5.
QuickTime 7.6.9 for Windows is available to download from Apple's web site. Mac OS X Leopard users can upgrade to the latest release via the built-in Software Update function. All users are advised to upgrade to the latest release as soon as possible.
- About the security content of QuickTime 7.6.9, security advisory from Apple.