QUICKTIME UPDATED; MAJOR BUGS RESOLVED

Apple has come up with a new update yet again and this time its for QuickTime. QuickTime 7.7 has more than 14 bugs fixed which had frustrated its users for quite some time now. QuickTime earlier had bugs which could be exploited via rigged movie files, audio or image. This update is for Mac OS as well as Windows. However there might still be a few bugs which would affect Windows systems only. This update was shipped by Apple on a priority basis and would now effectively help users to be safe of the hacker attacks.

There was an advisory posted from Apple which stated that there were a few flaws in the earlier version which were vulnerable to lead a user to remote code execution attacks if he/ she was tricked to click on a bobby-trapped web site. There is yet another way of trapping users which was by asking a user to open a special media file.

Apple has the bugs resolved which do not affect a Mac OS X 10.7 user, but still if one is a normal Windows user, there are still a few issues which need to be resolved. This would mean that a Mac OS X10.7 user would have to worry only for any new threat which is not yet out, but Windows users need to be careful from new as well a few old issues.

Most of the flaws detected were addressed in Mac OS X 10.6 and accordingly they were worked on. This resulted in a better update which was tested and no such issue was found in Mac OS X 10.7. The major issues which were resolved were Buffer Overflow, Multiple Memory Corruption, Integer Overflow, Memory Corruption, Heap Buffer Overflow, Multiple Stack Buffer Overflow and Stack Buffer Overflow. Each and every mentioned issue would lead to the arbitrary code execution or termination of the application unexpectedly.

Buffer Overflow was an issue which was related to crafted pict file and JPEG file, while Integer Overflow was related to audio files. Memory Corruption was related to the way QuickTime handled sample tables for movie files, while Multiple Memory Corruption was related to the way JPEG2000 images were handled. Stack Buffer Overflow relates to how QTL files were handled and Multiple Stack Buffer Overflow relates to handling of H.264 encoded movie files.

Apart from the above, Heap Buffer Overflow was an issue which was a major bug and on a multiple scale, it was a multiple bug. The issues which this bug related to were for the handling of GIF images and atoms in movie files. These atoms are STSC, STSS, STSZ and STTS.

Apple Leopard users can download this newly updated version of QuickTime from here, while the Windows users can find their QuickTime update here.