Apple plugs security holes in QuickTime and iTunes

Apple has released an updated version of QuickTime (version 7.6.2) which fixes a number of security vulnerabilities. If left unpatched the security holes could be exploited by hackers who could create a booby-trapped movie or audio file, programmed to execute malicious code on computers.

Mac Security Update

More information about the vulnerabilities in QuickTime can be found on Apple’s website.

Curiously, MacWorld is reporting that one of the QuickTime bugs was partially revealed in a book, “The Mac Hacker’s Handbook” by Charlie Miller and Dino Dai Zovi, published in March.

Sign up to our free newsletter.
Security news, advice, and tips.

In addition to the QuickTime update, Apple has released iTunes 8.2, which addresses a stack buffer overflow which could allow hackers to run code of their choosing on your computer if you clicked on a specially-crafted itms: link.

It’s worth pointing out that the updates for iTunes and QuickTime are not just for Mac users, but also for PC owners running Windows Vista, Windows XP Service Pack 2 and later.

Whatever your operating system, it’s essential that you keep on top of the latest security patches. Don’t dilly-dally – get patched today.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky and Mastodon, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.