Apple closes 11 QuickTime holes
Late Wednesday released an update to its popular media player QuickTime, addressing 11 vulnerabilities that could be exploited by attackers to compromise PCs.
Most of the flaws, ranked "highly critical" by tracking firm Secunia,
can be exploited to cause buffer overflows when unsuspecting end-users
are tricked into viewing a maliciously crafted video file.
All of the 11 vulnerabilities affect unpatched Windows Vista machines, while nine impact systems running Mac OS X.
This is the third time this year that Apple has pushed out QuickTime updates.
Experts said many attackers are turning to media player exploits
because users tend to trust links promising video. As a defense, users
are advised not to visit untrusted websites or click on unknown links.