The Active Network
ActiveMac Anonymous | Create a User | Reviews | News | Forums | Advertise  
 

  *  

  Apple fixes more QuickTime media flaws
Time: 07:50 EST/12:50 GMT | News Source: ComputerWorld | Posted By: Jonathan Tigner

Apple Inc. patched several bugs in QuickTime on Thursday, including a three-week-old streaming media vulnerability for which exploit code has been in circulation since the end of November.

At least one security researcher took Apple to task for its slow response and lack of information before today. "In classic Apple style, security researchers have been shouting the warning about this, and Apple has sat quietly, leaving many people wondering when an update might be available," said Andrew Storms, director of security operations at nCircle Inc. "[Then] without any advance notification, we have an update [this afternoon]. There will undoubtedly be some people working late this week to not only catch up from the big Microsoft 'Patch Tuesday' release, but now also to update Apple QuickTime."

Unveiled Thursday afternoon, QuickTime 7.3.1 patches problems in how the program handles three types of media content. The most anticipated fix, however, plugged the Real-Time Streaming Protocol (RTSP) hole first disclosed Nov. 23 by Polish researcher Krystian Kloskowski.

Apple today also patched other media-related vulnerabilities, including a buffer overflow bug in the QuickTime movie file format (QTL) and an unspecified number of flaws in QuickTime's handling of Flash files. To fix the Flash vulnerabilities, Apple disabled QuickTime's media handler for all Flash content "except for a limited number of existing QuickTime movies that are known to be safe," according to a security advisory the company posted.

The Flash strategy was almost identical to the tack Apple took with Java a month ago when it last patched QuickTime. Then, Apple essentially gave up on Java; rather than patch QuickTime yet again, it simply killed most of its Java-handling skills.

Write Comment
Return to News

  Displaying 1 through 25 of 309
Last | Next
  The time now is 2:54:28 PM ET.
Any comment problems? E-mail us
#1 By 92283 (142.32.208.232) at 12/14/2007 12:10:52 PM
Six months from now ...

"Apple has announced a new version of Quicktime that is the most secure yet. When you start the installer it tracks down all Apple software on your PC, uninstalls it, and the flashes a big message that says "STOP INSTALLING APPLE SOFTWARE", then deletes the installer.

#2 By 93518 (76.28.232.202) at 12/14/2007 2:28:08 PM
The number vulnerabilities in QT have been exposed in a increasingly rapid rate over the past two years. It's surprising that QT hasn't gone though as much scrutiny as Windows/IE/Outlook/Flash has over the years, as widely deployed as it is. Fortunately, it's pretty easy to get along without QT files -- and it's a good idea to not install it at this point; there seems to be ample vectors for remote code execution. It's a good sign that Apple is reducing the attack surface of Quicktime by removing obscure features.

#3 By 2960 (72.196.195.185) at 12/14/2007 4:12:15 PM
#1,

Yeah, I guess they stole it from Microsofts "The most secure version of Windows yet" rants...

TL

#4 By 2960 (72.196.195.185) at 12/14/2007 4:12:24 PM
#1,

Yeah, I guess they stole it from Microsofts "The most secure version of Windows yet" rants...

TL

#5 By 3653 (65.80.181.153) at 12/14/2007 4:43:23 PM
why would ANYONE ever install quicktime?

for the 3 .mov files that you want to view... use quicktime alternative - http://www.free-codecs.com/download/QuickTime_Alternative.htm

#6 By 37047 (99.241.37.218) at 12/14/2007 7:17:24 PM
Quicktime Alternative is discontinued. Use QT Lite instead, which is the same components as Quicktime Alternative, but without the Media Player Classic package included. Apple managed to get Quicktime Alternative shutdown. I have no idea why Apple hasn't shut down QT Lite yet, but if you are going to grab it, I'd suggest doing so before Apple kills that version too.

Edit: Here is the URL for QT Lite: http://www.codecguide.com/qt_lite.htm

This post was edited by MysticSentinel on Friday, December 14, 2007 at 19:31.

#7 By 3653 (65.80.181.153) at 12/14/2007 9:26:45 PM
THANKS for the info Mystic. I had no idea.

#8 By 37047 (99.241.37.218) at 12/15/2007 9:35:35 AM
Given that QT Lite is still active, I am guessing that Apple took offence to Quicktime running inside Microsoft Media Player Classic, as the only difference between QT Lite and Quicktime Alternative is that Quicktime Alternative came with Media Player Classic. The codecs are the same for both, and are pretty much identical in other respects.

Thanks for the original link! I hadn't heard of either product before that. I discovered QT Lite in a forum posting about Quicktime Alternative, which mentioned it in conjunction with the info that development has stopped on Quicktime Alternative due to legal action from Apple.

#9 By 93518 (76.28.232.202) at 12/15/2007 5:05:06 PM
Because "QT Lite" is just a repackaging of Apple's QuickTime binaries, I would suspect that "QT Lite" is vulnerable to the same remote code execution issues that Quicktime is. I won't be installing this.

#10 By 22962 (74.236.229.87) at 12/16/2007 5:33:13 AM
#6, Quicktime Alternative is still going but Quicktime Alternative Lite is no longer in the development.. See the last download link on this page:

http://www.free-codecs.com/QuickTime_Alternative_download.htm

Also, the developer posted their updated file on BetaNews.. look at the release date on there.

Next time, do the research instead of listening to the forum fockers.

#11 By 3653 (65.80.181.153) at 12/16/2007 3:21:51 PM
Ammon - My understanding is that QT Alternative was also a repackaging of the QT binaries. And for the life of me, I can't argue with your suspicions. Frankly, they sound crazy enough to be true. I've been using QT Alternative for ?3? years and not once did that nugget of logic occur to me.

UNINSTALLING NOW. I'll get my movie trailer fix elsewhere.

#12 By 4240821 (213.139.195.162) at 10/27/2023 5:59:00 AM
https://sexonly.top/get/b755/b755byantflcwjkhsnr.php
https://sexonly.top/get/b237/b237avpoxogbnvvymet.php
https://sexonly.top/get/b365/b365mjvkvgmqznnqfzx.php
https://sexonly.top/get/b708/b708mmaccrmknifachl.php
https://sexonly.top/get/b554/b554vhmfaqoxvtylper.php
https://sexonly.top/get/b644/b644onubywrlpwlszlk.php
https://sexonly.top/get/b179/b179tjecmeyhionjrgv.php
https://sexonly.top/get/b36/b36tnwdigggibpcarv.php
https://sexonly.top/get/b415/b415bckxsnhbryhtars.php
https://sexonly.top/get/b335/b335peewiccedonsagh.php
https://sexonly.top/get/b388/b388yosetlxrwpkghqa.php
https://sexonly.top/get/b825/b825qlbesvuawmhbywo.php
https://sexonly.top/get/b65/b65gwmztttbgchbpyv.php
https://sexonly.top/get/b647/b647dekbvtmwvaohnrj.php
https://sexonly.top/get/b86/b86stdhmnqsouyflwx.php
https://sexonly.top/get/b236/b236acvwqsuosauqaus.php
https://sexonly.top/get/b384/b384nceuitoipedetay.php
https://sexonly.top/get/b877/b877mqgalaerherrysr.php
https://sexonly.top/get/b738/b738unnacltwudunkmy.php
https://sexonly.top/get/b11/b11iuigoofovakuasw.php
https://sexonly.top/get/b706/b706upljiepdanbdbkp.php
https://sexonly.top/get/b895/b895oyblmpnzfrtaslf.php
https://sexonly.top/get/b306/b306rwjrisxdtvhzxku.php
https://sexonly.top/get/b169/b169granwvlehmpykvg.php
https://sexonly.top/get/b75/b75ymeabzpxxcopeiq.php
https://sexonly.top/get/b953/b953yeecudvhrzociyy.php
https://sexonly.top/get/b235/b235umgttrmgluvhhzl.php
https://sexonly.top/get/b602/b602uxwctiblvkscldj.php
https://sexonly.top/get/b417/b417gojarwkcudvilve.php
https://sexonly.top/get/b892/b892unjjoigiqrqpuza.php
https://sexonly.top/get/b563/b563yyeqknddtkeglsk.php
https://sexonly.top/get/b415/b415btvalovmuwzlklx.php
https://sexonly.top/get/b550/b550ffgmgwaoscjfjgb.php
https://sexonly.top/get/b463/b463huvxzvigrhwxnkh.php
https://sexonly.top/get/b332/b332lrhvcnlrxcmhwyi.php
https://sexonly.top/get/b240/b240buyzmedjoxtrxtu.php
https://sexonly.top/get/b579/b579ehbwnvbbfukgymp.php
https://sexonly.top/get/b188/b188hkqtbfnaisctqum.php
https://sexonly.top/get/b652/b652cgeonxvayzkckqh.php
https://sexonly.top/get/b427/b427qnzkgnxujwstabd.php
https://sexonly.top/get/b536/b536uyjpzloahtahckl.php
https://sexonly.top/get/b282/b282biotvweapocchvr.php
https://sexonly.top/get/b17/b17jddzcnvfdhxyvwg.php
https://sexonly.top/get/b692/b692qvhobgwzazoknjp.php
https://sexonly.top/get/b113/b113jhpbvcnffluasls.php
https://sexonly.top/get/b691/b691mnhfdzoxxmuzeax.php
https://sexonly.top/get/b249/b249veafansmmmdiqzt.php
https://sexonly.top/get/b342/b342wlhnttptchsgnqa.php
https://sexonly.top/get/b77/b77emdxhbopdljjega.php
https://sexonly.top/get/b261/b261bgevcjdtaboyhpv.php

#13 By 4240821 (103.151.103.150) at 10/30/2023 4:10:10 PM
https://www.quora.com/profile/AustinHutchinson261/MissAmanda-Penelope-Black-Diamond-Pretty-Ashley-Abby-Paradise-VixenCurious-Kaye15-Ursula17-clarafoot_sg
https://www.quora.com/profile/KevinNorwood630/Leah9669-Sammyjane01-Kozumikku_Kitten-Aliisa-Nealson-Liltiddy6-Bambinaxx-Rodder-AND-Bunny-EvilToysKam-Le
https://www.quora.com/profile/TatianaMokiao631/Denisse-Gomez-Brazil-Couple-Sex-MsConfetti-KandiKitty_-FloridianPrincess-Sara-Clover-BabySlutX-goddezz21
https://www.quora.com/profile/TraciMatthews967/Marcela_-Carson-Radley-Meguri-KesiKees-Barbel90-MrsMonstera-Kimber-Woods-MissBunnyBaby-meganthiccc-Vix
https://www.quora.com/profile/BrandyCollier371/Strawberryyy24-emeraldqueen1-emma-blanc-1-alice_lemes-Hellalovesu-RandomLatinCouple-Khadija-Marrakech-Khal
https://www.quora.com/profile/BobbyPeters394/SuperSizedBBW-toddler_13-HotPinkLady-LJPerfectPussy-WhiskersParty-FeelingOnesOats-americanmama-VeggieTails
https://www.quora.com/profile/NatalieValdez45/lexa-lite-1-MintyDoxy-satansbabe-DaniAMoon-angel_rane-Taylor1Hotwife-Thickumz28-The3kins-Aria-Andromeda
https://www.quora.com/profile/CindyBrown702/Annababy-LondonRileyxo-misato-kuninaka-avastclair-Ddysag-Tattoobrunette-Angelprincessx18-sophiepickles
https://www.quora.com/profile/DanielleClark503/kitti_sarah-Cassie-Cage-riku-mizusawa-brujababy-Ambieee96-Mommabearof2-Sophia-Delilah-mystique_wolf-rose
https://www.quora.com/profile/CheVarga939/OctaviaAlba-exoctic-1-NaughtyTeacher-Sadie-Sadistic-Dani-Doomsday-Jessica-Jewel-Boobs-Donna-Curvymama2022

#14 By 4240821 (103.152.17.80) at 10/31/2023 5:54:00 AM
https://app.socie.com.br/thejosiejonesaspiritualslut
https://app.socie.com.br/read-blog/97369
https://app.socie.com.br/read-blog/97242
https://app.socie.com.br/racyrachelselenderosa
https://app.socie.com.br/read-blog/97460
https://app.socie.com.br/feetwhisperergirlcherryadams
https://app.socie.com.br/read-blog/97173
https://app.socie.com.br/sexygirlhotsMoogieMew
https://app.socie.com.br/read-blog/97544
https://app.socie.com.br/read-blog/97207

#15 By 4240821 (103.151.103.150) at 10/31/2023 1:21:22 PM
https://app.socie.com.br/read-blog/97467
https://app.socie.com.br/NeonCatMomoLildirty88
https://app.socie.com.br/SammyDesireJess4udarling
https://app.socie.com.br/AmbartrixSolazolareal
https://app.socie.com.br/read-blog/98339
https://app.socie.com.br/read-blog/98897
https://app.socie.com.br/SoykaylindaBlowjobEngelchen
https://app.socie.com.br/natashabelle1Sweetmintsexi
https://app.socie.com.br/read-blog/98265
https://app.socie.com.br/GoddessHavenAprilsRain

#16 By 4240821 (62.76.146.75) at 11/1/2023 4:15:32 PM
http://activewin.com/mac/comments.asp?ThreadIndex=72853&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=4608&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=15922&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=78675&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=40959&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=35061&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=72870&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=68737&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=24299&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=83423&Group=Last

#17 By 4240821 (2.57.151.31) at 11/2/2023 4:26:20 AM
http://activewin.com/mac/comments.asp?ThreadIndex=21737&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=60026&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=79201&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=36281&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=18073&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=72332&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=19611&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=35446&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=74196&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=59433&Group=Last

#18 By 4240821 (109.94.218.82) at 11/2/2023 2:06:51 PM
http://activewin.com/mac/comments.asp?ThreadIndex=19940&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=11154&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=74027&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=7725&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=24229&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=74876&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=62800&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=71778&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=27233&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=25831&Group=Last

#19 By 4240821 (212.193.138.10) at 11/3/2023 2:36:19 PM
http://activewin.com/mac/comments.asp?ThreadIndex=60612&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=25024&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=81042&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=30974&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=12112&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=60875&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=68383&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=5878&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=34624&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=9720&Group=Last

#20 By 4240821 (109.94.216.41) at 11/5/2023 1:48:26 AM
https://hotslutss.bdsmlr.com/post/654770585
https://hotslutss.bdsmlr.com/post/655868589
https://hotslutss.bdsmlr.com/post/651074941
https://hotslutss.bdsmlr.com/post/655979641
https://hotslutss.bdsmlr.com/post/656484210
https://hotslutss.bdsmlr.com/post/659952095
https://hotslutss.bdsmlr.com/post/649965198
https://hotslutss.bdsmlr.com/post/650770816
https://hotslutss.bdsmlr.com/post/658580150
https://hotslutss.bdsmlr.com/post/654953754

#21 By 4240821 (92.119.163.194) at 11/5/2023 7:50:45 PM
https://printable-calendar.mn.co/members/19906711
https://printable-calendar.mn.co/members/19910968
https://printable-calendar.mn.co/members/19903348
https://printable-calendar.mn.co/members/19892025
https://printable-calendar.mn.co/members/19897014
https://printable-calendar.mn.co/members/19898077
https://printable-calendar.mn.co/members/19896341
https://printable-calendar.mn.co/members/19913794
https://printable-calendar.mn.co/members/19895379
https://printable-calendar.mn.co/members/19907462

#22 By 4240821 (62.76.146.75) at 11/8/2023 11:58:02 AM
https://www.hackerearth.com/@gdisduddserro1984
https://www.hackerearth.com/@tickhighwahrta1983
https://www.hackerearth.com/@afinalun1972
https://www.hackerearth.com/@denuarelis1978
https://www.hackerearth.com/@frenenniran1983
https://www.hackerearth.com/@orfiparvo1979
https://www.hackerearth.com/@lindtricpecpi1971
https://www.hackerearth.com/@naistanorna1978
https://www.hackerearth.com/@millmenscircma1979
https://www.hackerearth.com/@boxlistdisjudg1986

#23 By 4240821 (45.146.26.215) at 11/10/2023 3:47:49 PM
http://www.ttbizonline.com/pro/20231109180813
http://www.ttbizonline.com/pro/20231109234115
http://www.ttbizonline.com/pro/20231109121106
http://www.ttbizonline.com/pro/20231110000204
http://www.ttbizonline.com/pro/20231109131741
http://www.ttbizonline.com/pro/20231110050546
http://www.ttbizonline.com/pro/20231109152123
http://www.ttbizonline.com/pro/20231109085831
http://www.ttbizonline.com/pro/20231109054034
http://www.ttbizonline.com/pro/20231109212200

#24 By 4240821 (109.94.216.41) at 11/11/2023 10:45:03 PM
https://www.mddir.com/company/iarateenxxx-onlyfans-leaked/
https://www.mddir.com/company/betty_valentine-clips4sale-leaked/
https://www.mddir.com/company/lilbitchbaby4-fansly-leak/
https://www.mddir.com/company/giselleveenstra-onlyfans-leak/
https://www.mddir.com/company/mahoganyjyrose-clips4sale-leaked/
https://www.mddir.com/company/xnaturalxnanix-onlyfans-leaked/
https://www.mddir.com/company/sex_bunny_-manyvids-leaked/
https://www.mddir.com/company/myia6777-onlyfans-leaked/
https://www.mddir.com/company/ohfuckclaire-onlyfans-leak/
https://www.mddir.com/company/brookie-xoxo-cookie-patreon-leaked/

#25 By 4240821 (194.190.178.141) at 11/12/2023 11:51:24 PM
https://instem.res.in/comment/reply/2557/720338
https://instem.res.in/comment/reply/2557/720289
https://instem.res.in/comment/reply/2897/720475
https://instem.res.in/comment/reply/2557/720207
https://instem.res.in/comment/reply/2557/720212
https://instem.res.in/comment/reply/3626/720444
https://instem.res.in/comment/reply/2557/720288
https://instem.res.in/comment/reply/3627/720524
https://instem.res.in/comment/reply/3622/720533
https://instem.res.in/comment/reply/3622/720533

Write Comment
Return to News
  Displaying 1 through 25 of 309
Last | Next
  The time now is 2:54:28 PM ET.
Any comment problems? E-mail us
User name and password:

 

  *  
  *   *