Apple issues security update to QuickTime, now version 7.6.9

Apple has updated its QuickTime software, now at version 7.6.9, to fix vulnerabilities where a maliciously designed file could execute arbitrary code or lead to the application terminating.

Apple has updated its QuickTime software, now at version 7.6.9, to fix vulnerabilities where a maliciously designed file could execute arbitrary code or lead to the application terminating.

As Apple describes in its knowledge base article:

"Description: A heap buffer overflow exists in QuickTime's handling of JP2 images. Viewing a maliciously crafted JP2 image may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.5. Credit to Nils of MWR InfoSecurity, and Will Dormann of the CERT/CC, for reporting this issue."

Also included in this security update are fixes to maliciously crafted AVI file types, other movie file types, FlashPix image files, GIF image files, or PICT image files, as well as a possibility that local users may have access to sensitive information on certain Windows machines.

The update is for Mac users running Mac OS X 10.5.8 or Server 10.5.8. For more information, visit the entire security update article.


Be sure to follow MacFixIt on Twitter and contribute to the CNET Mac forums.

Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Force Friday and the best of IFA 2015

Attention Jedi in training: today is Force Friday. Also, the best of IFA 2015, a new personal safety app explodes in popularity, and new 21.5-inch iMacs are coming.

by Jeff Bakalar