Apple patches QuickTime bug that was hidden in book

[Juha-Matti Laurio <juha-matti.laurio () netti fi>]

"Apple has issued patches for its QuickTime and iTunes software, fixing critical security flaws along with a bug
that was first hinted at earlier this year in a book on Macintosh computer hacking.

The updates fix 10 QuickTime vulnerabilities and a single bug in iTunes.
The flaws affect both Windows and Mac users and have been patched in the QuickTime 7.6.2
and iTunes 8.2 releases, published Monday.

Most of the bugs were not publicly known of before today's updates,
so it's unlikely that they were exploited by cyber-criminals.
However, it turns out that one flaw -- a bug in the way QuickTime reads files that are compressed using the JPEG 2000 
(JP2) compression standard
-- was partially disclosed in Charlie Miller and Dino Dai Zovi's book,
"The Mac Hacker's Handbook," released in March."
--clip--

More at
http://www.pcworld.com/businesscenter/article/165888/apple_patches_quicktime_bug_that_was_hidden_in_book.html
 
Juha-Matti
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.