Quicktime 7.2
Quicktime is basically an audio and video computer player. What it also does is files formatting, environment for media authoring and many other things as delivering streaming media with Linux, Windows and Solaris and delivering live events on the internet. It’s only a small part of Quicktime abilities and as far as it has many other useful features, it is one of the most popular computers’ players.
Apple, the firm that created Quicktime, has recently released a new version of this player Quicktime 7.2. Every single product has some weaknesses, especially those linked with internet. Updated Quicktime is not an exception. Viewing a maliciously crafted H264 movie/movie/.m4v/SMIL file or visiting a malicious website while using the updated version of this player may cause arbitrary code execution.
The update for Quicktime is indispensable, because of MPack. MPack is a PHP-based malware kit, which is sold as commercial software. The server-side software is able to customize attacks to a variety of web browsers. It generally works by being loaded in an IFrame attached to the bottom of a hacked website. When a user visits the page, MPack sends a script that loads in the IFrame and determines if any vulnerabilities in the browser or operating system can be exploited. If it finds any, it will exploit them and store various statistics for future reference.
As far as MPack is updated almost every single month and in the list of it’s exploits it tries is one for Quicktime the newest updates may fix some of known problems or at least tip some of them. Updated Quicktime is definitely one of the applications that will shorten the window of opportunity for the bad guys.
Apple does not deny that this player may cause some disorder to your computer, yet they do not confirm that it’ll necessarily will. The firm is doing a research on possible mistakes in program and until it won’t be done properly no patches or releases will be available.
Recently commented malware