Apple addresses vulnerability in QuickTime and iTunes

Apple has released an update to QuickTime player, version 7.6.2 patches ten Java security holes. Eight of the patches apply to both Mac OS X (v. 10.4.11 and later) and Windows users, while two -- the CGRN problem and an integer-underflow error addressed in one of the PICT-related patches -- are strictly for users of […]
Apple has released an update to QuickTime player, version 7.6.2 patches ten Java security holes. Eight of the patches apply to both Mac OS X (v. 10.4.11 and later) and Windows users, while two -- the CGRN problem and an integer-underflow error addressed in one of the PICT-related patches -- are strictly for users of XP SP3 and Vista. Apple also released an update to iTunes, addressing a stack buffer overflow issue that could be triggered if the user were to visit a maliciously crafted "itms:" URL.