Apple releases QuickTime 7.4.1 for Leopard, Tiger and Panther

Apple on Wednesday released QuickTime 7.4.1, a recommended security update for all users of QuickTime 7.0 running Mac OS X 10.5 Leopard, Mac OS X 10.4.9 Tiger, Mac OS X 10.3.9 Panther, Windows XP SP2, and Windows Vista.

The software update patches a vulnerability where visiting a malicious website could lead to an unexpected application termination or arbitrary code execution.

"A heap buffer overflow exists in QuickTime's handling of HTTP responses when RTSP tunneling is enabled," Apple said. "By enticing a user to visit a maliciously crafted webpage, an attacker may cause an unexpected application termination or arbitrary code execution."

QuickTime 7.4.1 addresses the issue through improved bounds checking.

The update is available as 55.5MB download for Leopard, a 51.7MB download for Tiger, a 50.4MB download for Panther, and a 22.3MB download for Windows Vista or XP SP2.

Follow AppleInsider on Google News

23 Comments

solipsism

said about 16 years ago

Is Apple getting sloppy with it's update sizes? Before the update my QT was 26MB, after it is 29MB. Are they really changing that much in associated frameworks?

eai

said about 16 years ago

It's likely they're changing one or maybe two lines of code, so these huge patches are certainly overkill... They could patch it in like 5kb...

bregalad

said about 16 years ago

I find it odd that the Mac updates are more than twice the size of the Windows one. I know we have two processor architectures to support, but that doesn't explain the extra size. Plus Windows QT implements non-native UI so it should be bigger than the Mac version.