Windows QuickTime users – APPLY THE PATCH!!


Apple has released a patch for Quicktime that fixes a bucket-load of image parsing bugs. If you’re a Windows user, you should apply th patch ASAP. The clock is ticking.


http://www.us-cert.gov/cas/techalerts/TA06-011A.html

Comments (9)

  1. Travis Owens says:

    All you need to do is run ver 7.0.4 as it fixes the flaws, the direct link to the standalone (iow no iTunes) Quicktime can be found at:

    http://www.apple.com/quicktime/download/standalone.html

  2. Alun Jones says:

    Apple’s site is really not easy to make your way through – most people searching for the patch here have ended up at either a page telling you how to run the Mac equivalent of Windows Update (not helpful to those of us looking for Windows fixes), or a page offering the Mac Quicktime download (again, not helpful to Windows users).

    A few have been able to find the Windows download page, but the most obvious link from there is to download iTunes packaged with QuickTime, and you can’t tell from the version of the package whether it contains the right version of QuickTime.

    Following a tip, I did eventually find that if you click on some really small text, ignoring the big button, there is a link to a standalone install for QuickTime for Windows 7.0.4 – http://www.apple.com/quicktime/download/standalone.html

    Sadly, this is not a patch, it’s a full replacement. I can’t find the document today, but I seem to remember reading yesterday that Apple recommends you uninstall QuickTime first, then install the new version.

    So, for those people complaining about MS patch management, I’d point them to how painful it is to address this QuickTime flaw.

    At the place I work, we’re trying to figure out exactly how to roll it out to the various workstations that have it deployed already, and we’re praying that the answer isn’t that we have to visit a couple of hundred cubicles.

  3. PatriotB says:

    Oh, great. Another 20 MB download to fix one little QT bug.

  4. tony roth says:

    hmm, are you trying to imply something here?

    tr

  5. Even though the vulnerability is in Apple’s code, if this is exploited, it will affect Window’s security perception in the public. Shouldn’t we work with Apple on this to make the patch available from Microsoft Update?

  6. tzagotta says:

    Funny how the media really amplifies security holes found in MS products, e.g., recent WMF issues, and is nearly dead silent on similar issues in Apple’s software. What’s up with that?

  7. What about previous versions of quicktime? If I have QT 6.5.2, am I vulnerable?