Mac users who have updated to the latest version of OS X Lion (version 10.7.4) or who have installed Security Update 2012-002 for Snow Leopard will have applied the latest version, but these users may have Windows installations either in Boot Camp or in virtual machines which may need to be updated. Even if you do not use the QuickTime media player, by having QuickTime installed on your system other programs such as Web browsers may use the plug-in to play media content. If you have QuickTime installed on your system, be sure to update it to the latest version using Apple's Software Update utility or by downloading the latest QuickTime installer from Apple's QuickTime Web site. Apple has outlined the details of the issues in a recent knowledge-base article. The malicious file would cause a buffer overflow or other memory corruption that would return a corrupted memory pointer, which could then execute code stored at that memory address. This version seems to install and work without issue. There is a reported issue with Quicktime v7.6 version (exact version number not confirmed) on Windows Vista which can prevent ProSelect from running. The solution was to uninstall and reinstall a previously working version.
The vulnerabilities in the QuickTime software that called for this update were ones in which a maliciously crafted QuickTime file could take control of a machine, in ways similar to exploits for other software packages like Java, Flash, Word, and Adobe Reader. Update 12th February 2009pple have now released Quicktime v7.6.
0 kommentar(er)
