Thursday, June 4, 2009

Important Security Update for Quicktime

This one applies to just about all of us: Mac, Vista, and XP. Apple has fixed ten security holes in Quicktime that could get you pwned simply by watching a movie. Srlsy:
Apple on Monday released an updated version of its popular QuickTime software.

Version 7.6.2 closes 10 vulnerabilities, all of which could have been exploited to execute arbitrary code, according to an advisory. Attackers would have spread their exploits by persuading users into opening maliciously crafted movie files or images.
Just about everyone here has Quicktime installed, so this is about as widespread a problem as you'll see. It's impossible to tell if a movie contains malware before it executes, and since nobody blocks Quicktime downloads, it's an easy exploit for the Bad Guys.

The solution is to upgrade to Quicktime 7.6.2, available here. Apple's description of the situation is here.

IT folks (I know there are a few of you out there), you'll want to look at getting this pushed to your users.

1 comment:

  1. Wow, you're good. Have you ever thought of doing this sort of thing for a livig? :)

    ReplyDelete

Remember your manners when you post. Anonymous comments are not allowed because of the plague of spam comments.