Feeds

Apple patches QuickTime bug

Fruity

Build a business case: developing custom apps

Apple has fixed a flaw in its QuickTime media playback software that allowed malicious coders to install malware onto vulnerable systems.

The vulnerability - which affects both Windows and Mac OS X PCs - was published as part of the "Month of Apple Bugs" project, which involves a plan to release details of previously undisclosed Mac OS X or Apple application security bugs every day in January.

The QuickTime flaw involves an error in processing malformed Real Time Streaming Protocol (RTSP) URLs. As a result, users tricked into running malformed QuickTime files or who visit a hacker website hosting exploit code are liable to find their systems compromised due to this stack-based buffer overflow bug.

The flaw attracted particular attention because of the availability of exploit code targeting it, which greatly increased the risk it posed.

Apple has released fixes for QuickTime 7.1.3 on Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.8, Mac OS X Server v10.4.8, Windows XP/2000as (explained here), which users are advised to apply in order to guard against exploitation. ®

Next gen security for virtualised datacentres

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Scale data protection with your virtual environment
To scale at the rate of virtualization growth, data protection solutions need to adopt new capabilities and simplify current features.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?