
CSIRTUK ADVISORY - 3417 - Apple - Security Update for QuickTime 7.2



________________________________________________________________________


CSIRTUK ADVISORY - 3417 dated 08.10.07 time 21:00

Centre for the Protection of National Infrastructure (CPNI)

________________________________________________________________________

 Further details about CPNI, including information about our products
 can be found at www.cpni.gov.uk

 Please note that CSIRTUK RSS Feeds are available from:
 http://www.cpni.gov.uk/rss/advisories.xml
________________________________________________________________________

Title
=====
APPLE-SA-2007-10-03 Security Update for QuickTime 7.2

Detail
======

ID: 3417
Date: 08 October 2007 21:00

--------------------------------------------------------------------------------
Title: 3417 - APPLE-SA-2007-10-03 Security Update for QuickTime 7.2
Abstract: Description of a vulnerability that could allow arbitrary code
execution.
Vendors affected: Apple
Operating Systems affected: Vista, Windows XP SP2
Applications affected: QuickTime 7.2
Advisory type: Information
Attack Vector: Vulnerability exploitation
Warning Status: Information only
Potential Damage: Remote unauthorised modification
Availability of fix: Available
Type of fix: Patch
Source: Apple
Reliability of source: Trusted
Source URL: http://www.apple.com/support/downloads/

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2007-10-03 Security Update for QuickTime 7.2

Security Update for QuickTime 7.2 is now available and addresses the
following issue:

QuickTime
CVE-ID:  CVE-2007-4673
Available for:  QuickTime 7.2 on Windows Vista, XP SP2
Impact:  Viewing maliciously crafted QTL content may lead to arbitrary
code execution
Description:  A command injection issue exists in QuickTime's handling
of URLs in the qtnext field in files with QTL content. By enticing a
user to open a specially crafted file, an attacker may cause an
application to be launched with controlled command line arguments, which
may lead to arbitrary code execution. This update addresses the issue
through improved handling of URLs. This issue does not affect Mac OS X
systems.

Security Update for QuickTime 7.2 may be obtained from the Software
Update application, or from the Apple Downloads site:
http://www.apple.com/support/downloads/

The download file is named:  "SecUpdQuickTime720.msi"
Its SHA-1 digest is:  b264cbbb8e65f6e011a4161eb2d32e856b569cd7

If Apple Software Update is not already running, you can open it from
the Start menu under "All Programs". By default it is installed at
C:\Program Files\Apple Software Update\SoftwareUpdate.exe

To verify that your version of QuickTime has been updated:

For Windows XP:

*  In Windows Explorer, navigate to
C:\Program Files\QuickTime\QTSystem\QuickTime.qts

*  Right click on QuickTime.qts, select Properties, then click the
Versions tab.

If the QuickTime version is 7.2.0.245 or later, then the security update
has been applied.

For Windows Vista:

*  In Windows Explorer, navigate to
C:\Program Files\QuickTime\QTSystem\QuickTime.qts

*  Right click on QuickTime.qts, select Properties, then click the
General tab.

If the "Date Created" indicates September 21, 2007 or later, then the
security update has been applied.

Information will also be posted to the Apple Product Security web site:
http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key, and
details are available at:
http://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)

iQEVAwUBRwLTXMgAoqu4Rp5tAQjl/wf/V84tn6DszCWLuqdcs7gfsj2+3ucIvNhS
N6wD7Yti+SSbIzxVaStD4qxXbnG0FiTsTqmakxGA4awt1WjLuRzZ5nc6hDIM4Cty
N3b8lStRUkIPf1qxT20ggOnzHTwF0vw7oNM4iDn//mb/LPQCGYdDNF6X6+qpFNFR
DqoLMgPGgDsNrtTTch4zwHksPGvqceC7xpl/81+dI3s1u7zfTsAaa06cp3v47EJB
UAGrf4nFTgvkEU8h1e91xu0+d+h1I1t6alc7urY9LikjeH3rxtYO4WhAOyx6zW49
jDHVBwCLf+RKO+CWisQXqFyMFLPK/ijwyyq3zhASyMP0thi4eulwNQ==
=SGSx
-----END PGP SIGNATURE-----
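
The qtnext issue Apple describes above is a URL field whose value could
end up on the command line of an application that QuickTime launches.
The scanner below is an added example for this advisory, not Apple's or
CPNI's code, and it does not reproduce the exploit: it parses QTL
documents and flags qtnext values that do not look like a plain media
URL (command-line metacharacters, a non-media scheme such as file:, or
text trailing the URL). It assumes the QTL format is the XML
<embed ...> form with a qtnext attribute and that the attribute may use
the embed-tag "<url> T<target>" syntax; the allowed-scheme list, the
metacharacter set, the example.test URLs and the C:\Example\player.exe
path are constructed for illustration.

```python
"""Heuristic triage of qtnext values in QuickTime Media Link (QTL) files.

Added example for this advisory; not Apple's or CPNI's code and not a
reproduction of the CVE-2007-4673 exploit.  It flags qtnext values that do
not look like a plain media URL, the class of input the advisory describes:
a URL field whose contents end up on a launched application's command line.
"""
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Schemes a media link would legitimately use (assumption; tune per environment).
ALLOWED_SCHEMES = {"http", "https", "rtsp", "ftp"}
# Characters that have no place in a URL but do matter on a command line.
SHELL_CHARS = set('"\' \t\r\n<>|&;\\')
# Optional target suffix of the embed-tag QTNEXT syntax, e.g. T<myself>.
TARGET_RE = re.compile(r"T<[^<>]*>")


def qtnext_url(value):
    """Split a qtnext value into (url, trailing_text).

    The embed-tag QTNEXT syntax wraps the URL in angle brackets and may append
    a target: "<next.mov> T<myself>".  Assumption: the QTL attribute accepts
    that form as well as a bare URL.  Bare values come back unchanged.
    """
    value = value.strip()
    if value.startswith("<") and ">" in value:
        url, _, trailing = value[1:].partition(">")
        return url, trailing.strip()
    return value, ""


def check_qtnext(value):
    """Return a list of findings for one qtnext value; empty means it looks benign."""
    findings = []
    url, trailing = qtnext_url(value)
    if trailing and not TARGET_RE.fullmatch(trailing):
        findings.append("unexpected text after URL: %r" % trailing)
    meta = sorted(SHELL_CHARS.intersection(url))
    if meta:
        findings.append("command-line metacharacters in URL: %r" % "".join(meta))
    scheme = urlsplit(url).scheme.lower()
    # A relative reference has no scheme and is allowed; anything with a scheme
    # must be one a media player fetches, not file:, a drive letter, etc.
    if scheme and scheme not in ALLOWED_SCHEMES:
        findings.append("unexpected scheme: %r" % scheme)
    return findings


def scan_qtl(xml_text):
    """Parse a QTL document and return [(src, qtnext, findings)] for every
    <embed> element carrying a qtnext attribute (matched case-insensitively).
    A document that is not well-formed XML is reported as a finding itself."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [("", "", ["not well-formed XML: %s" % exc])]
    results = []
    for node in root.iter():
        if not isinstance(node.tag, str) or node.tag.lower() != "embed":
            continue
        for key, value in node.attrib.items():
            if key.lower() == "qtnext":
                results.append((node.get("src", ""), value, check_qtnext(value)))
    return results


# Constructed sample documents (not real files); example.test is a reserved name.
BENIGN_QTL = """<?xml version="1.0"?>
<?quicktime type="application/x-quicktime-media-link"?>
<embed src="http://media.example.test/intro.mov" autoplay="true"
       qtnext="http://media.example.test/main.mov"/>
"""

WRAPPED_QTL = """<?xml version="1.0"?>
<?quicktime type="application/x-quicktime-media-link"?>
<embed src="http://media.example.test/intro.mov"
       qtnext="&lt;http://media.example.test/main.mov&gt; T&lt;myself&gt;"/>
"""

# A qtnext that is a quoted local executable path plus an argument instead of
# a URL: the shape of value the advisory warns about (illustrative only).
SUSPECT_QTL = """<?xml version="1.0"?>
<?quicktime type="application/x-quicktime-media-link"?>
<embed src="http://media.example.test/intro.mov"
       qtnext='"C:\\Example\\player.exe" --flag'/>
"""

if __name__ == "__main__":
    samples = (("benign", BENIGN_QTL), ("wrapped", WRAPPED_QTL), ("suspect", SUSPECT_QTL))
    for name, doc in samples:
        for src, qtnext, findings in scan_qtl(doc):
            verdict = "OK" if not findings else "SUSPICIOUS"
            print("%-8s %-10s qtnext=%r" % (name, verdict, qtnext))
            for finding in findings:
                print("         - " + finding)
```

This is a triage aid for mail or proxy filtering of QTL content, not a
substitute for installing the update; a clean result only means the value
is shaped like a URL, and a hit means a human should look at the file.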

________________________________________________________________________

CPNI values your feedback.

1. Which of the following most reflects the value of the advisory to
you?
(Place an 'X' next to your choice)

Very useful:__ Useful:__ Not useful:__

2. If you did not find it useful, why not?


3. Any other comments? How could we improve our advisories?


Thank you for your contribution.

________________________________________________________________________

CSIRTUK wishes to acknowledge the contributions of Apple for the
information contained in this advisory.
________________________________________________________________________

This advisory contains information released by the original author. Some
of the information may have changed since it was released. If the issue
affects you, it may be prudent to retrieve the advisory from the site of
the original source to ensure that you receive the most current
information concerning that problem.

Reference to any specific commercial product, process, or service by
trade name, trademark, manufacturer, or otherwise, does not constitute or
imply its endorsement, recommendation, or favouring by CPNI. The views
and opinions of authors expressed within this notice shall not be used
for advertising or product endorsement purposes.

CPNI shall not accept responsibility for any errors or omissions
contained within this advisory. In particular, they shall not be liable
for any loss or damage whatsoever, arising from or in connection with the
usage of information contained within this advisory.

CSIRTUK is a member of the Forum of Incident Response and Security Teams
(FIRST) and has contacts with other international Incident Response Teams
(IRTs) in order to foster cooperation and coordination in incident
prevention, to prompt rapid reaction to incidents, and to promote
information sharing amongst its members and the community at large.
________________________________________________________________________

<End of CPNI Advisory>

