Apple today released QuickTime 7.1.6 for Mac and QuickTime 7.1.6 for Windows which delivers numerous bug fixes, addresses a critical security issue with QuickTime for Java and includes support for:
• Final Cut Studio 2
• Timecode and closed captioning display in QuickTime Player
This update is recommended for all QuickTime 7 users.
About the security content of QuickTime 7.1.6:
CVE-ID: CVE-2007-2175
Available for: Mac OS X v10.3.9, Mac OS X v10.4.9, Windows XP SP2, Windows 2000 SP4
Impact: Visiting a malicious website may lead to arbitrary code execution
Description: An implementation issue exists in QuickTime for Java, which may allow reading or writing out of the bounds of the allocated heap. By enticing a user to visit a web page containing a maliciously-crafted Java applet, an attacker can trigger the issue which may lead to arbitrary code execution. This update addresses the issue by performing additional bounds checking when creating QTPointerRef objects. Credit to Dino Dai Zovi working with TippingPoint and the Zero Day Initiative for reporting this issue.
QuickTime 7.1.6 is available via Software Update and also as standalone installers.
More info and download links:
• QuickTime 7.1.6 for Mac (43.6MB)
• QuickTime 7.1.6 for Windows (19.1MB)
The most secure desktop operating system on the planet just got that much more secure.
And that’s how it should be.
Exploit found.
Exploit fixed.
Nobody but a few media-types exploited . . .
Well, it looks like they still haven’t solved the issue with playback of large MPEG files (like over 100 MB). With QuickTime 6.5, a MPEG file of any size played back smooth as silk in full screen on my PowerBook. Since QT 7, none have been playable. I get 1-2 frames per second. My guess is that it has to do with the implementation of the H.264 codec and how QT 7 processes MPEG files now.
Anyone else with this issue?
Also, it is reproducible on all G4 machines I have seen AND G5 playback of large MPEG files with QT 7 is much worse than it was with QT 6.5.
Oh, yeah, also, what was Apple’s turn-around time on this one? Now, compare to Mafia$oft. Where are all the PC trolls now?
/crickets/
Turn around on that Java browser exploit was what? 10 days? I don’t see Microsuck coming anywhere remotely close to fixing exploits that quickly…
@Cubert
I’m using a Dual G4 at home and it plays back MPEG-2 files at full frame rate (256MB ATI Radeon Mac Pro card) using QT7. My Dual G5 at work also plays them with no obvious issues.
On another note, this last weekend I discovered for the first time that I can open VOB files directly in QT7 – wheee. My mom always told me I could learn anything I wanted to, she just never told me how long it would take.
Where are the MOAB trolls now?
That was so fast it makes your head spin. Thought Apple was supposed to take 40 days!
” width=”19″ height=”19″ alt=”tongue wink” style=”border:0;” />
d’ya think this fix will cause my Combo drive to accept and burn CD-RWs again?? it went all wonky and began intermittently burning or stopped burning Rewritable discs a couple of updates ago and hasn’t gone back to normal since. wha’sup wit dat?
I wonder how long it will take the prophets of doom & Zero day to acknowledge this feat?
Mr. Peabody,
Your system and graphics card probably allows that to happen. I have a 1.5 GHz PowerBook with 1 GB of RAM and a 128 MB graphics card. I still can’t play plain old MPEG files (any flavor: 1, 2, 4) even at 3/4 screen size – still choppy.
For reasons unrelated to this, I had to reinstall Tiger from a clean install (always) last summer – no fix.
Before people start saying “buy a new laptop, it’s too old”, the point is that the exact same movies looked freakin’ spectacular in QT 6.5 – now no joy with QT 7. I just don’t think that’s right. I hope Leopard and 7.2 smooth out the bugs.
Complacent Mac internet browsing has been resorted, not that I even lost my complacency while on my Mac.
” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
Make no mistake, Steve personally called QuickTime’s leading engineer and told him to fix that asap.
Where are the MOAB trolls now?
Hiding under the bridge, ChrissyOne, that’s where.
@Cubert
I’m trying to reproduce your problem and can’t. I’ve got a macbook, ibook, G4Dual, eMac, and lamp-stand iMac in the house, all are working fine.
Correct me if I’m doing it wrong, I loaded “Pirates of the Caribbean” into Quicktime, and it runs fine.
Woo-hoo! Can I be smug again? Oh wait, I never stopped being smug!
@ drmacnut
I know, there’s one very close to
” rel=”nofollow”>where I work.
The Trash is much snappier now!
I too sense that Opening, Navigating and even Emptying the Trash is now much snappier.
I’m just curious (especialy as MS is often accused of bloatware), but WHY is the Mac version of Quicktime MORE THAN DOUBLE the size of the windows version?
I can understand a small (single digit – low teens % difference) between patforms, but why would a Mac version of Apple software be twice the size of a Windows version of Apple software…???
I’d really love to know
my 2 cents,
Luke
When did they find the Quicktime exploit, a week ago? They patched that thing fast! Way to go apple.
By the way, you’re all missing a potentially very big aspect to this new QuickTime update — the ability to handle closed captioning!! For more than 30 million deaf and hard-of-hearing, the lack of closed captioning support in QuickTime (and iTunes) was a deal-breaker when it came to Apple TV (and a potential legal timebomb when the lawsuits for equal access to captioning work their way through the courts).
Let’s hope Apple is in front on this and will offer captioned downloads ASAP!!
@ LukeinOZ:
“I’m just curious (especialy as MS is often accused of bloatware), but WHY is the Mac version of Quicktime MORE THAN DOUBLE the size of the windows version?”
Perhaps because it is double the size?
The Mac version needs to have both PPC and Intel CPU within a “Universal” package (what we used to call a Fat Binary back during the 68K / PPC transition).
-hh
LukeinOZ
this update was not just about the quick time java fix, it also has to do with compatibility with Final Cut Studio 2. Which as i believe only works with Macs
>”I’m just curious (especialy as MS is often accused of bloatware), but WHY is the Mac version of Quicktime MORE THAN DOUBLE the size of the windows version?”
If you mean the app itself as opposed to just the update – It is because QT is an *integral* part of the OS, whereas in Windows it is not.
From the Wiki on QT:
“QuickTime is integral to Mac OS X, as it was with earlier versions of Mac OS. All Apple systems ship with QuickTime already installed, as it represents the 4D media layer for Mac OS X.”
Ha, ha. Think about it guys-this patch applies to Windows too. Apple is patching Windows faster than Microsoft does. How embarrassing is that? I hope they are very red in the face in Redmond tonight!