Apple
The latest OS X flaw involved QuickTime for Java

Apple fixes QuickTime spyware flaw

JavaScript bug allowed for remote screenshots

Shaun Nichols in California

The latest security patch for Mac OS X fixes a QuickTime vulnerability that could let attackers capture images from a user's screen and upload them to a remote site.

Apple said that the vulnerability does not affect Windows users or versions of Mac OS prior to 10.4. 

Advertisement

The vulnerability is not related to the QuickTime flaw that spread through social networking site MySpace last week. 

The new flaw involves QuickTime for Java, a component that lets Java applets display QuickTime movies, and Quartz Composer, a software tool used to render images in Mac OS.

According to Apple, an attacker could place JavaScript code on a website that would use the QuickTime for Java component to obtain screen images and send them to a remote location, possibly allowing the attacker to obtain sensitive information displayed on the screen.

The security fix closes the vulnerability by not allowing unsigned Java applets to access Quartz Composer.

The patch can be downloaded from Apple's website or through OS X Software Update.

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Related whitepapers

Related jobs

Most watched

HTC Hero

Video: HTC Hero launch

Handset maker unveils its latest Android-based smartphone

Xperia X1

Video Review: Sony Ericsson Xperia X1

First Looks Editor Ian Williams gets hands on with the Sony Ericsson Xperia X1

IT white papers

Search white papers

Top categories

Poll

Poll: Summer smartphones

Poll: Summer smartphones

Which smartphone will you be taking to the beach this summer?

View poll results

Advertisement

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Spotlight

Twitter

Twitter charges are bad idea, say V3.co.uk readers

Over a third insist the service should remain free for...

great wall of china

Podcast Special: Views from the Valley

The hottest stories from the US, including news of China's...

Mobile phone charger

Top 10 articles, 3 July 09

Free upgrades for Windows 7, and standard mobile phone chargers...

Red Hat

Red Hat beta builds on virtualisation plans

Kernel-based Virtual Machine virtualisation added to latest Enterprise Linux beta

Primary Navigation