Apple Quicktime and OS X updates to patch multiple security vulnerabilities
Apple has released Quicktime v. 7.1 for both Windows and OS X to address about 12 vulnerabilities. It looks as though all of the vulnerabilities were related to either a specially crafted images or movies (a variety of formats…) Upgrade or use another viewer…
Affected file formats are…. Jpegs, Flashpix, Pict, BMP, Quicktime, Flash, H.264, Mpeg-4 and avi… so that would cover most of the most common formats. Incidents.org has a bit more information than the above (links to specific cve entries for the above vulnerabilities.)
Brian Krebs over at the Security Fix has an article on the updates, as well as updates for OS X….
Another patch bundle mends at least 31 security holes in OS X. Among the applications that need patching are Apple’s Safari Web browser; Mac OS X’s default e-mail program; the password-storing “Keychain” application, Apple’s version of the Macromedia Flash player, and QuickDraw.
Updates are available for Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.6 and Mac OS X Server v10.4.6. As always, Mac users should be able to upgrade manually through Apple Downloads or by using OS X’s built-in Software Update feature.
According to him that’s a total of 43 flaws fixed with todays batch of updates. Mac users, get patching and Windows quicktime users as well.