ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Security threats Toolkit

Apple releases QuickTime security update

Robert Vamosi CNET News.com

Published: 30 May 2007 13:41 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Apple released a security update for QuickTime 7.1.6 on Tuesday, further removing a vulnerability first used by a security researcher in April to win $10,000 (£5,064) and a new MacBook in the "PWN to OWN" contest at CanSecWest 2007.

This security update complements an earlier bug patch for QuickTime 7.1.6 released by Apple on 1 May, 2007. The 1.1MB Windows QuickTime 7.1.6 update affects users of Windows 2000 SP4 and Windows XP SP2. The 1.4MB Mac QuickTime 7.1.6 update affects users of Mac OS X v10.3.9 and Mac OS X v10.4.9.

The vulnerability, as reported in a security alert from the US National Vulnerability Database, allows attackers to entice users to a website with a maliciously coded Java applet and then run attack code on a compromised machine. The Apple security update places further parameter limitations on QTPointerRef objects in Apple QuickTime Java extensions within the Safari and Firefox browsers, denying these types of attacks. Apple credits security researcher Dino Dai Zovi, working with TippingPoint and the Zero Day Initiative, for his help in resolving this issue.

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with Dell

Did you find this article useful?
2 out of 2 people found this useful


Full Talkback thread

0 comments

Company/Topic Alerts

Create a new alert from the list below:







Related Jobs

Lead / Senior Java JSP Developer - Bristol 35-40k - URGENT

Good knowledge of Java, JSP - Good knowledge of web services, XML, HTML and JavaScript Desirable Skills: - Experience with Eclipse, Tomcat, unit ...

Java Major Finance Opportunity-40,000 North West

Computer Futures Solutions are seeking a JAVA developer to join a major FINANCE establishment. To meet the demands of this role you should possess ...

QA Test Engineer - ISEB Mobile company - London

Skills: ISEB Manual testing Automation testing tools Java SQL Desirable: Agile Jmeter Mobile experience Working knowledge and experience of testing ...

Featured Talkback

What was achieved there is recognised to be of fundamental importance to both winning the war (Churchill visited to say 'thank you' to them) and the development of the computer. Maybe Bill Gates doesn't want to support this museum because it underlines where electronic computing started i.e. here, not the U.S.

By: 1000103773

Read full story:
Bletchley Park faces bleak future

Sentry Posts Blog

Mobile Security Expert: Your Camera Ph...

Mobile Security Expert: Your Camera Phone Got Hacked Author: Eric Everson, Founder MyMobiSafe.com Have you ever heard someone say “I’d like to be a fly on the wall in that room.”?... More

Post a comment

Skype - The Roach Motel

Here is an interesting article from The National Business Review, pointing out once again that you can never delete a Skype account. Never. Period. This is something I am familiar... More

Post a comment

The vPhone: Why Visa Should Go Mobile

The vPhone: Why Visa Should Go Mobile Author: Eric Everson, Founder MyMobiSafe.com With all of the success of Apple’s iPhone, there is a growing case to support a company like Visa... More

Post a comment