iPhone, iPod Touch, and QuickTime security updates

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Ipod Nano
Yesterday, a standing ovation greeted Steve Jobs as he made his first public appearance since his liver transplant. Apple fans around the world (and I’m one of them) were, I’m sure, delighted to see the charismatic CEO back on stage announcing his firm’s latest product developments.

With so many feverish rumours about the possibility of The Beatles coming to iTunes (they didn’t) and the possibility of an Apple Tablet computer (no signs yet), some inevitably felt a sense of anti-climax when the main announcements from San Francisco were some new features in iTunes, a point upgrade to the iPhone OS and the revelation that the iPod Nano – and strangely not the iPod touch – was gaining a video camera.

There was some Apple news from the security side of things that emerged yesterday, though.

For instance, multiple security vulnerabilities affecting the QuickTime software for Mac OS X and Windows are being patched.

Sign up to our free newsletter.
Security news, advice, and tips.

According to an advisory from Apple, QuickTime 7.6.4 patches flaws which could allow a boobytrapped H.264 movie to run malicious code on your computer. In addition, a heap buffer overflow that existed in QuickTime’s handling of FlashPix files is reportedly patched.

It’s important to underline that the fix for QuickTime isn’t just for Apple Mac users – it also impacts Windows users who rely on the software to watch movies and other online content.

In addition, it looks like it would be sensible to update your iPhones and iPod touches to version 3.1 and 3.1.1 respectively of the iPhone OS, as it will fix a number of security vulnerabilities which exist in the operating system. The worst of these flaws could allow hackers to run malicious code on your mobile device.

As Jobs claimed in his speech yesterday that there have been 30 million iPhones and 20 million iPod touches sold, that’s an awful lot of gadgets which need a security update this morning.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.