Apple issues QuickTime security patches for Mac and Windows users

April 03, 2008 Sophos Press Release

QuickTime
Mac and Windows users are being urged to update QuickTime to protect against the latest security vulnerabilities.

Experts at Sophos have reminded computer users of the importance of remaining aware of the latest security issues, following an announcement of a number of critical security vulnerabilities in its QuickTime multimedia player software.

An update issued by Apple, the developers of QuickTime, addresses 11 vulnerabilities - nine of which can be exploited by hackers to remotely execute malicious code on a targeted computer. Five of the remote code execution flaws could potentially be exploited by hackers via the use of malicious movie files. Both Windows and Macintosh users have been advised by Apple to update their QuickTime software.

More information about the update can be found on the Apple website.

Apple Mac users can receive the latest version of QuickTime automatically via Software Update. Windows QuickTime users are advised to use the installed Apple Software Update program.

"There have been umpteen QuickTime vulnerabilities discovered in the last few months, and the danger is that hackers will exploit them by fooling computer users into clicking on a link to a movie," said Graham Cluley, senior technology consultant for Sophos. "Historically, Windows lovers have been more at threat from QuickTime vulnerabilities than Mac fans, but it would be sensible for people on either side of the OS divide to make sure their systems are properly secured and patched."

Sophos suggests that every IT manager responsible for security should consider subscribing to mailing lists to keep informed of the latest vulnerability announcements.

Sophos recommends all computer users protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.