Apple QuickTime Flaw Discovered
Intego is reporting a fairly serious-sounding bug in Apple's latest version of QuickTime (v7.5.5). According to Intego, "The '<? quicktime type= ?>' tag fails to handle long strings, which can lead to a heap overflow in QuickTime Player, iTunes, or any other program that attempts to display media using a QuickTime plug-in." If QuickTime v7.5.5 is installed, this would include Internet Explorer, Firefox, and Safari. Mac users face a double risk: not just the browser, but the Mail and Finder apps are also vulnerable if that version of QuickTime is installed.
Successful exploitation could enable remote execution of arbitrary code. Currently, no patch is available. This might be one of those situations where it's simply safest to uninstall QuickTime until Apple releases the necessary patch. More details on the QuickTime heap overflow problem can be found on the Intego blog.

