[NPMUG] Apple plugs security holes in QuickTime and iTunes
Dave Sevick
dave at davesevick.com
Wed Jun 3 07:15:06 MDT 2009
Apple plugs security holes in QuickTime and iTunes
Apple has released an updated version of QuickTime (version 7.6.2)
which fixes a number of security vulnerabilities. If left unpatched
the security holes could be exploited by hackers who could create a
booby-trapped movie or audio file, programmed to execute malicious
code on computers.
More information about the vulnerabilities in QuickTime can be found
on Apple's website.
Curiously, MacWorld is reporting that one of the QuickTime bugs was
partially revealed in a book, "The Mac Hacker's Handbook" by Charlie
Miller and Dino Dai Zovi, published in March.
In addition to the QuickTime update, Apple has released iTunes 8.2,
which addresses a stack buffer overflow which could allow hackers to
run code of their choosing on your computer if you clicked on a
specially-crafted itms: link.
It's worth pointing out that the updates for iTunes and QuickTime are
not just for Mac users, but also for PC owners running Windows Vista,
Windows XP Service Pack 2 and later.
Whatever your operating system, it's essential that you keep on top of
the latest security patches. Don't dilly-dally - get patched today.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://davesevick.com/pipermail/npmug/attachments/20090603/6376ea86/attachment-0001.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: apple-security-update.jpg
Type: image/jpeg
Size: 34825 bytes
Desc: not available
Url : http://davesevick.com/pipermail/npmug/attachments/20090603/6376ea86/attachment-0001.jpg
More information about the NPMUG
mailing list