All Apple news

Apple has closed nine vulnerabilities in QuickTime for Windows

Apple to update QuickTime 7.7.8 for Windows has eliminated a total of nine vulnerabilities that allow attackers to execute arbitrary code. It is reported Securitylab.

Gaps were discovered by specialists of Cisco Talos Ryan Penty and Richard Johnson, experts from Fortinet FortiGuard Labs, a private security team of Apple and researcher under the pseudonym WalkerFuz. The presence of security vulnerabilities CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5779, CVE-2015-5785, CVE-2015-5786, envisioned to carry out the emergency shutdown QuickTime or to execute arbitrary code in the operating system

According to experts Cisco Talos, gaps existed because of an error of memory corruption in the handling of media files.

“Apple QuickTime contains multiple vulnerabilities memory corruption. With the help of specially generated file .MOV attacker can carry out an emergency shutdown of the application”, – stated in the security Bulletin Cisco Talos.

Earlier this month, Apple released updates to their products OS X, OS X Server, iOS, and Safari, which eliminated a total of 100 vulnerabilities. According to the Internet portal, shortly after the release of an update of the Italian hacker Luca Todesco reported zero-day vulnerability in OS X Yosemite that allows local privilege escalation. The flaw affects all versions of the operating system.

The hacker did not inform Apple about their discovery, published an exploit for the vulnerability on its developer portal GitHub. Apparently, in Cupertino are already aware of the problem, because in the new operating system OS X El Capitan gap is now fixed.

Leave a Reply

Your email address will not be published. Required fields are marked *