main

QuickTime flaws put Macs and PCs at risk

AshMan   on 16 May 2006 - 12:45 · 29 comments & 13085 views

Advertisement (Why?)
Serious flaws in Mac OS X and QuickTime software could put Macintosh and Windows systems at risk of cyber attack, Apple has warned.

In a pair of security alerts released on Thursday, Apple outlined 31 flaws that affect various versions of the operating system and a dozen vulnerabilities in its QuickTime media player software. Security experts have deemed the issues "critical" but Apple does not provide a severity rating. Fixes are available.

Apple's security update 2006-003 for Mac OS X and the QuickTime patch can be downloaded and installed via Software Update or from the Apple Downloads website.

News source: Silicon.com

Share this Article

About the Author

Full name: Unknown
User name: AshMan
Contact: via forum PM
Submissions: View All
More: View Profile

Related news

Post a comment · Send to friend Comments · There are 29 additional comments
#1 Jon on 16 May 2006 - 12:51
Apple is so far behind MS when it comes to managing security vulnerabilities and patch releases, I can't believe they don't even give a hit of a security rating, and details are totally minimal. MS may be borrowing their various GUI ideas, but Apple really should borrow some of MS's in this case.

These things are pretty easy to fix via automatic updates on a home machine, but corporate deployments are another kettle of fish, especially Quicktime for PCs.

(No I'm not trolling, that's an opinion based on my experience )
#2 andy2004 on 16 May 2006 - 12:51
so what versions of quicktime does this effect ? what version should i be using ?
(2 replies) #3 Shetland on 16 May 2006 - 12:59
that was possibly the worst bit of reporting EVER.
look at how it repeats itself etc. (not blaming ashman, its sillicon)
#3.1 rIaHc3 on 16 May 2006 - 13:04
its ashman's problem too.....I mean its clear that he didnt even read the news...


Its very sad the direction Neowin is heading. I remember this when I joined as a great site....now everyday its quality gets lower.
#3.2 Quick Reply on 16 May 2006 - 13:40
But we need the news to prevent us from "Cyber Attack"
#4 Toastyone on 16 May 2006 - 13:09
Um yeah it would have been nice if someone read over it and had not copied it twice...and also put in that

Quote -
Apple's security update 2006-003 for Mac OS X and the QuickTime patch can be downloaded and installed via Software Update preferences or from the Apple Downloads website.


rather than just saying "Fixes are available." >_<
(1 reply) #5 andy2004 on 16 May 2006 - 13:16
so do i need install quicktime 7.1 ? im still running 6 atm on windows. Is it worth installing itunes 6 also ? i was going to update itunes but someone said that apple had added some useless printing service in the latest itunes ?
#5.1 Nand on 16 May 2006 - 22:03
i think you might be able to uninstall the newly upgraded itunes (w/ new quictime) and install just the old you have.
But don't take my word on that since, I only use quicktime and uninstalled itunes altogether.
(2 replies) #6 soloredd on 16 May 2006 - 13:26
I agree, just like last week's report of the Flash update from Windows Update. In the news posting it says that there are 2 files the user needs to manually delete then re-install Flash. Luckily, one of the other users posted a link to the Microsoft KB article...as the news post left out that vital information.

I've never responded to the quality of the news reporting on Neowin before but this is the second time in the last week that important information has been reported...and important information has been left out.
#6.1 McG on 16 May 2006 - 15:30
Quote - soloredd said @ #4.1

I've never responded to the quality of the news reporting on Neowin before but this is the second time in the last week that important information has been reported...and important information has been left out.

Agreed.
#6.2 dolimite35 on 16 May 2006 - 21:50
I agree also. The "RIAA: Trading CDs is Illegal" news post is the worst front page news on Neowin i seen so far. Over 10 paragraphs and the news poster took the first and last paragraphs and gave it a miss leading title. No where in the news sorce did the RIAA say it was illegal, the sad part was they were trying to help people from getting scammed. But only a few people read the source link and the rest just went off the title because no where in the three juggled around paragraphs on the front page was any indication of something being illegal or legal action being taken. Neowin need to step it up, have some editors look at the news post before they go live on the front page.
(2 replies) #7 kronik on 16 May 2006 - 14:35
so does this affect Quicktime alternative?
#7.1 figgy on 16 May 2006 - 15:36
I was suprised the alternative version was updated the very next day after Apples's update.
So the patches are present in the new version of quicktime alternative
#7.2 Audhumla on 16 May 2006 - 20:54
Thanks for the info. Such a quick update to alternative is certainly unexpected.
#8 xorian on 16 May 2006 - 14:46
31 flaws .. impressive
(1 reply) #9 altermind on 16 May 2006 - 14:50
thing about this.. is the patchs that itunes or quicktime get are HUGE.... like.. 36 megs was last reliese or something.. I might be wrong...

but ya

and someone tell the mac fanboys that apple does make mistakes also lol
#9.1 Ryster092 on 16 May 2006 - 17:20
Yeah, from my perspective as the outsider looking in, it seems like Apple "save up" their vulnerabilities and produce several large patches every year. Microsoft may be bad for the security problems in the first place (although that is open for debate), but at least their patch release rate and the ease of deployment is better than Apples.
(3 replies) #10 Kushan on 16 May 2006 - 15:50
Just don't use quicktime, quicktime alternative is a much better solution anyway. For the sheer fact that you can watch any quicktime file in ANY player alone is worth it, but you also know you're not going to get iTunes shoved down your throat (and yes, I'm aware a version of QT is available without iTunes, but the fact that you have to go on a hunt for it is just wrong, it should never have been a part of quicktime in the first place).
#10.1 darkmark327 on 16 May 2006 - 16:16
Agreed. I wonder if the EU ever thought, "gee, maybe people don't use RealPlayer and Quicktime not because WMP is bundled with windows, but rather because RealPlayer and Quicktime are obtrusive, bloated pieces of crap."
#10.2 Ryster092 on 16 May 2006 - 17:24
iTunes is not part of quicktime. What you are referring to is simply the bundling of one product with another as the default option. While I agree the link could be bigger and more prominant, I wouldn't call moving your mouse an inch and half to the right and clicking the "standalone installer" link a hunt
#10.3 Angel Blue01 on 16 May 2006 - 20:14
Doesn't Quicktime alternative use Quicktime to play videos (I installed a codec pack that had Quicktime alternative so I'm not sure)?
#11 McG on 16 May 2006 - 17:50
Updated. Thanks for the heads up.
#12 ^_^ Silly Willy on 16 May 2006 - 18:41
wonder if they'll add this to their new string of commercials ^_-
#13 macstorm on 16 May 2006 - 19:18
does this affects to latest v.7.1? article is not clear
(1 reply) #14 Aahz on 16 May 2006 - 19:43
But that commercial said that Macs don't get viruses like Windows...oh maybe they just GIVE viruses to Windows
#14.1 Toastyone on 16 May 2006 - 22:33
This is not a virus silly it is a security flaw :p
#15 Octol on 16 May 2006 - 21:17
I couldn't find any information on the Apple website about these vulnerabilities, so I just installed QT 7.1 on the assumption that the vulnerabillities would have been fixed in this version.

I sure hope this is true.
#16 chan1975 on 16 May 2006 - 21:21
funny. I did update existing software and didn't show updates lol. I read on another site about updating to but it shows no updates.
#17 Ely on 17 May 2006 - 00:38
31 flaws wow, there goes the almighty never flawed OSX and apple, lol nahh seriously all OSes will have security issues, but this should show the Mac fan boys that MACs CAN and have lots of flaws too.

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Advertisement (Why?)
News powered by Neowin Management System (Build - 5.0.879) © 2000 - 2008 Neowin.net