Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Apple posts QuickTime 7.3.1 security update

 

Apple on Thursday night issued a hotfix for its QuickTime media player that patches a single but already exploited flaw in the software's handling of streaming content.

The exploit sends an improper header through QuickTime's Real Time Streaming Protocol (RTSP) service, triggering a buffer overflow that permits a hacker to run their own code and compromise an affected system.

In recent days, a website known as Ourvoyeur.net has reportedly been hijacked and used to infect systems with malware that opens a back door for hackers. That exploit targets Windows users but could theoretically apply to Mac OS X as well given the existence of the flaw in Apple's own operating system, according to one report.

The QuickTime patch is available both for the critically affected Windows systems in a 20MB download but is also offered as a roughly 50MB fix for Mac OS X Panther, Tiger, and Leopard.