U.S. Flag Official website of the Department of Homeland Security

Note: This page is part of the us-cert.gov archive.This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact info@us-cert.gov if you have any questions about the US-CERT website archive.

TLP:WHITE

Alert (SA07-310A)

Apple QuickTime Updates for Multiple Vulnerabilities

Original release date: November 06, 2007

Systems Affected

Vulnerabilities in Apple QuickTime affect
  • Apple Mac OS X
  • Microsoft Windows

Overview

Apple has released Apple QuickTime 7.3 to correct several vulnerabilities. These vulnerabilities could allow an attacker to gain access to your computer.

Solution

Upgrade QuickTime

OS X users should use the Mac OS X Software Update feature to download and install Apple QuickTime 7.3. Consider scheduling Software Update to check for updates automatically (this option is enabled by default).

Microsoft Windows users should upgrade to Apple QuickTime 7.3.

Description

QuickTime prior to version 7.3 has multiple image and media file handling vulnerabilities that could allow an attacker to run malicious programs on your computer. This could happen by visiting a malicious web site. Upgrading to Apple QuickTime version 7.3 will correct these vulnerabilities.

Note that Apple iTunes installs QuickTime, so any system with iTunes is vulnerable.

For more technical information, see US-CERT Technical Security Alert TA07-310A.


References


.

Revision History

  • November 6, 2007: Initial release

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top