MacExcellence

QuickTime 7.4.1 fixes heap buffer overflow flaw

Thu, February 07, 2008

Apple's released QuickTime 7.4.1, an update to the QuickTime multimedia core software for Mac OS X, which includes the following security fix:


"Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution A heap buffer overflow exists in QuickTime's handling of HTTP responses when RTSP tunneling is enabled. By enticing a user to visit a maliciously crafted webpage, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking."

The new release is available in the following editions:


Note that, as always, it is recommended you wait until full testing can be done on the software before updating. Bad things have bee known to happen, and there are already reports of hanging shutdowns and problematic logins after the update. Buyer beware.

Check back for a report on whether to proceed.

Comments…

Leave a Comment…

You must fill out the form to post comments.
Fields in bold are required.

Remember my info

Notify me of follow-ups?

Please enter the word you see in the below image:


Recent Articles…

Resources…