The QuickTime vulnerabilities affect both Windows and Apple Mac OS X machines. Apple's update comes on the same day the company announced. Also, Microsoft on Tuesday released .
The security flaws in QuickTime are all due to the application's failure to properly check and sanitize files in several formats: H.264, QuickTime, FLC, FlashPix and SGI. An attacker could craft a malicious file in any of those formats which, when opened, would fully compromise a vulnerable system or cause QuickTime to crash.
"A successful exploit may result in a remote compromise of the underlying computer," Symantec said in an alert sent to users of its DeepSight security intelligence service.
There are no known exploits for the flaws, Symantec said. This limits the threat. Apple regularly, and often the flaws are in the handling of various file formats. Experts have said that cyberattackers are increasingly looking for flaws in applications.
Apple repaired the flaws in version 7.1.3 of QuickTime, which is available via the company's Software Update service and from the QuickTime Web site.