QuickTime bugs open door to attack

dipdude

While fans checked out the latest and greatest at Macworld on Tuesday, Apple Computer sent out a warning about serious security flaws in QuickTime.

The vulnerabilities in the media player put computers running Windows and Mac OS X at risk of being commandeered by an outsider, Apple said on its Web site. An attacker could exploit the flaws by tricking the user into opening a malicious file, the Cupertino, Calif.-based company said.

Apple released QuickTime 7.0.4 to address the vulnerabilities. The French Security Incident Response Team, a commercial security monitoring and research outfit, described the problems as "critical," its highest risk rating.

The Tuesday alert follows an October security update for the same software. Security experts have warned of unpatched flaws in QuickTime as well as iTunes software. Apple typically does not comment on unpatched flaws.

Media player flaws are nothing new. Cybercriminals are shifting their attacks from operating systems such as Windows to media players and other applications, the SANS Institute said recently.

Update: Apple Patches QuickTime Vulnerabilities

The fixes, which can be found in QuickTime 7.0.4, fix a total of five flaws in the player that could be used by attackers to run unauthorized code on a Mac OS X or Windows computer running QuickTime.

Attackers theoretically could exploit the bugs by tricking a user into viewing a maliciously crafted image or media file with the QuickTime Player, Apple said in a statement released Monday.

The images could come in a variety of formats, including TIFF, GIF, TGA, or QTIF, Apple said.
 