Apple Plugs Gaping Holes in QuickTime, iTunes

Just call it Mac OS X patchapalooza.  Over the last week, Apple has shipped security patches to cover 88 vulnerabilities in the Mac operating system, 16 holes in the QuickTime media player, 7 flaws in iTunes and a security bug in the AirPort Base Station.

Just call it Mac OS X patchapalooza.  Over the last week, Apple has shipped security patches to cover 88 vulnerabilities in the Mac operating system, 16 holes in the QuickTime media player, 7 flaws in iTunes and a security bug in the AirPort Base Station.

In the days following the release of the Mac OS X v10.6.3 update, Apple also covered remote code execution holes in QuickTime and iTunes, who software products found on millions of Mac and Windows machines.

The most dangerous QuickTime flaws could be exploited to launch malware attacks if a user simply opens a rigged image or audio file.  QuickTime is shipped by default on Mac OS X and is a required part of the iTunes software on Windows.

The iTunes update also covers security holes that could be exploited via booby-trapped image files.  These updates should be considered “high-priority” on Windows and Mac OS X.

The Airport Base Station patch fixes an issue that lets an unauthorized user to connect to a restricted network that uses a network extender.

Suggested articles