Apple has released an updated version of QuickTime (version 7.6.2) which fixes a number of security vulnerabilities. If left unpatched the security holes could be exploited by hackers who could create a booby-trapped movie or audio file, programmed to execute malicious code on computers.
More information about the vulnerabilities in QuickTime can be found on Apple’s website.
Curiously, MacWorld is reporting that one of the QuickTime bugs was partially revealed in a book, “The Mac Hacker’s Handbook” by Charlie Miller and Dino Dai Zovi, published in March.
In addition to the QuickTime update, Apple has released iTunes 8.2, which addresses a stack buffer overflow which could allow hackers to run code of their choosing on your computer if you clicked on a specially-crafted itms: link.
It’s worth pointing out that the updates for iTunes and QuickTime are not just for Mac users, but also for PC owners running Windows Vista, Windows XP Service Pack 2 and later.
Whatever your operating system, it’s essential that you keep on top of the latest security patches. Don’t dilly-dally – get patched today.