Apple issues critical security update for QuickTime

Company says the vulnerabilities could potentially allow a malicious attacker to take control of a person's system and execute arbitrary code.

Apple has issued a critical security update for QuickTime media player, aimed at resolving vulnerabilities that could potentially allow a malicious attacker to take control of a person's computer, according to an Apple advisory released this week.

People running QuickTime 7 for Windows and for Mac OS X, are affected, as well as those who are using Mac OS X 10.4 or Mac OS X 10.5, according to Apple.

Apple is advising people to update to QuickTime 7.6 for Windows, QuickTime 7.6 for Leopard, or QuickTime 7.6 for Tiger.

The update seeks to address QuickTime security flaws that could potentially allow a malicious attacker to launch a buffer overflow and execute arbitrary code on a user's system.

The attack could potentially occur via a maliciously crafted movie file, AVI movie file, QTVR movie file, or an RTSP URL, according to Apple.

Security researcher Secunia, in an advisory released Thursday, noted the vulnerabilities are considered "highly critical."

About the author

    Dawn Kawamoto covered enterprise security and financial news relating to technology for CNET News.

     

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Galleries from CNET
    10 mobile gadgets gone gonzo (pictures)
    Apple in 2014: iPhone 6, iCloud hack, Beats and more (pictures)
    The 12 most distinctive phones of 2014 (pictures)
    Best mobile games of 2014
    Nissan gives new Murano bold style (pictures)
    Top great space moments in 2014 (pictures)