{"id":89,"date":"2008-02-07T11:42:07","date_gmt":"2008-02-07T09:42:07","guid":{"rendered":"http:\/\/blog.intego.com\/2008\/02\/07\/apple-issues-critical-quicktime-update\/"},"modified":"2008-02-07T11:42:07","modified_gmt":"2008-02-07T09:42:07","slug":"apple-issues-critical-quicktime-update","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/","title":{"rendered":"Apple Issues Critical QuickTime Update"},"content":{"rendered":"<p>Apple has just released <a href=\"http:\/\/docs.info.apple.com\/article.html?artnum=307407\">QuickTime 7.4.1<\/a>, an update to its media software, that includes a critical security fix. They describe the problem and fix as follows:<\/p>\n<blockquote><p>\n&#8220;Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution Description:  A heap buffer overflow exists in QuickTime&#8217;s handling of HTTP responses when RTSP tunneling is enabled. By enticing a user to visit a maliciously crafted webpage, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.&#8221;<\/p><\/blockquote>\n<p>This problem is similar to the QuickTime streaming flaw that <a href=\"https:\/\/www.intego.com\/mac-security-blog\/wp-admin\/post.php?action=edit&#038;post=67\">we wrote about last November<\/a>, which was patched <a href=\"https:\/\/www.intego.com\/mac-security-blog\/wp-admin\/post.php?action=edit&#038;post=72\">in mid-December<\/a>. This recent update is for Mac OS X 10.3, 10.4 and 10.5.<\/p>\n<p>Apple has been having repeated problems with QuickTime flaws, and this one is important to fix. There are exploits in the wild, with sample code for wannabe hackers to try their luck. Get this update now from Software Update, or from the link at the beginning of this article.  <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Apple has just released QuickTime 7.4.1, an update to its media software, that includes a critical security fix. They describe the problem and fix as follows: &#8220;Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow exists in QuickTime&#8217;s handling of HTTP responses when RTSP [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[7,13],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"Apple has just released QuickTime 7.4.1, an update to its media software, that includes a critical security fix. They describe the problem and fix as\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Apple Issues Critical QuickTime Update - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"Apple has just released QuickTime 7.4.1, an update to its media software, that includes a critical security fix. They describe the problem and fix as\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2008-02-07T09:42:07+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Peter James\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/\",\"name\":\"Apple Issues Critical QuickTime Update - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"datePublished\":\"2008-02-07T09:42:07+00:00\",\"dateModified\":\"2008-02-07T09:42:07+00:00\",\"description\":\"Apple has just released QuickTime 7.4.1, an update to its media software, that includes a critical security fix. They describe the problem and fix as\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Apple Issues Critical QuickTime Update\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\"},\"headline\":\"Apple Issues Critical QuickTime Update\",\"datePublished\":\"2008-02-07T09:42:07+00:00\",\"dateModified\":\"2008-02-07T09:42:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/#webpage\"},\"wordCount\":171,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"articleSection\":[\"Apple\",\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\",\"name\":\"Peter James\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"caption\":\"Peter James\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"Apple has just released QuickTime 7.4.1, an update to its media software, that includes a critical security fix. They describe the problem and fix as","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/","og_locale":"en_US","og_type":"article","og_title":"Apple Issues Critical QuickTime Update - The Mac Security Blog","og_description":"Apple has just released QuickTime 7.4.1, an update to its media software, that includes a critical security fix. They describe the problem and fix as","og_url":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/","og_site_name":"The Mac Security Blog","article_published_time":"2008-02-07T09:42:07+00:00","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Peter James","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/","name":"Apple Issues Critical QuickTime Update - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"datePublished":"2008-02-07T09:42:07+00:00","dateModified":"2008-02-07T09:42:07+00:00","description":"Apple has just released QuickTime 7.4.1, an update to its media software, that includes a critical security fix. They describe the problem and fix as","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Apple Issues Critical QuickTime Update"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116"},"headline":"Apple Issues Critical QuickTime Update","datePublished":"2008-02-07T09:42:07+00:00","dateModified":"2008-02-07T09:42:07+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-critical-quicktime-update\/#webpage"},"wordCount":171,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"articleSection":["Apple","Security &amp; Privacy"],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116","name":"Peter James","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","caption":"Peter James"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/"}]}},"jetpack_featured_media_url":"","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-1r","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/89"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=89"}],"version-history":[{"count":0,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/89\/revisions"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=89"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=89"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=89"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}