“Apple Computer issued on Friday a security advisory and fix for a QuickTime flaw that the company describes as a minor issue, but which is classified as a serious problem by the firm that found the vulnerability,” Robert Lemos reports for CNET News.
“Apple said the flaw in the QuickTime movie player for Mac OS X could cause the player to crash. ‘Playing a malformed .mov (movie) file could cause QuickTime to terminate,’ Apple said in an advisory published on late Friday afternoon,” Lemos reports. “The company that found and reported the flaw to Apple in February, eEye Digital Security, claimed Apple is downplaying the seriousness of the flaw in its advisory. A movie file could be created, the firm maintained, that would cause malicious code to execute when the user opened the file.”
“‘We told them that if you are not able to execute code then talk to us, so we can show you the issues,’ said Marc Maiffret, chief hacking officer for eEye Digital Security. An Apple representative could not be reached for comment,” Lemos reports.
Full article here.
The QuickTime Update can be downloaded from Apple’s website or via the Mac OS X’s Software Update.