Apple releases QuickTime 7.4.1 for Leopard, Tiger and Panther
The software update patches a vulnerability where visiting a malicious website could lead to an unexpected application termination or arbitrary code execution.
"A heap buffer overflow exists in QuickTime's handling of HTTP responses when RTSP tunneling is enabled," Apple said. "By enticing a user to visit a maliciously crafted webpage, an attacker may cause an unexpected application termination or arbitrary code execution."
QuickTime 7.4.1 addresses the issue through improved bounds checking.
The update is available as 55.5MB download for Leopard, a 51.7MB download for Tiger, a 50.4MB download for Panther, and a 22.3MB download for Windows Vista or XP SP2.
23 Comments
Is Apple getting sloppy with it's update sizes? Before the update my QT was 26MB, after it is 29MB. Are they really changing that much in associated frameworks?
It's likely they're changing one or maybe two lines of code, so these huge patches are certainly overkill... They could patch it in like 5kb...
I find it odd that the Mac updates are more than twice the size of the Windows one. I know we have two processor architectures to support, but that doesn't explain the extra size. Plus Windows QT implements non-native UI so it should be bigger than the Mac version.
I find it odd that the Mac updates are more than twice the size of the Windows one. I know we have two processor architectures to support, but that doesn't explain the extra size. Plus Windows QT implements non-native UI so it should be bigger than the Mac version.
There are four: 32-bit PPC, 64-bit PPC, 32-bit-Intel and 64-bit Intel. But that still doesn't account for the size.
But that still doesn't account for the size.
The Mac OS is just more endowed.