Apple closes security gaps for QuickTime, iPhone, iPod Touch

QuickTime updates for Windows, Mac users designed to prevent a system from being hijacked when malicious movie files are opened.

Apple released the first patches for 2008 to the QuickTime media player as well as the iPhone and iPod Touch on January 15.

The updates to QuickTime 7.4 for Windows and Mac users are designed to prevent a system from being hijacked when malicious movie files are opened.

Apple Downloads lists the updates for Windows XP and Vista as well as Mac OS X 10.3.9 and higher. Mac users also can access the download via Apple's Software Update.

Memory corruption issues in QuickTime's handling of Sorenson 3 video, Macintosh Resource Records, and Image Descriptor atoms are to blame for three of four noted security holes. The fix also closes a gap left when QuickTime processes compressed PICT graphics.

However, the updates do not address a vulnerability in QuickTime's streaming media protocol, publicized by Italian researcher Luigi Auriemma earlier this month.

The last fix to QuickTime was made December 13.

Apple's iPhone and iPod Touch updates are designed to bolster Passcode Lock and prevent unauthorized users from launching applications, as well as to keep owners from inadvertently leaking sensitive data via phishing Web sites accessed through Safari.

The version 1.1.3 fixes are available for download only through updates to iTunes, which should prompt users to accept the changes. Docking an iPhone or iPod Touch will also trigger the updates to be made.

 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
ZTE's wallet-friendly Grand X (pictures)
Lenovo reprises clever design for the Yoga Tablet 2 (Pictures)
Top-rated reviews of the week (pictures)
Best iPhone 6 and iPhone 6 Plus cases
Make your own 'Star Wars' snowflakes (pictures)
Bento boxes and gear for hungry geeks (pictures)