Apple has patched a flaw in its Quicktime multimedia player that is currently being exploited by attackers.
The vulnerability exists in the way Quicktime handles RTSP streaming media files. When a specially crafted file is launched, a buffer overflow error occurs. This error allows an attacker to remotely execute code on the targeted user's machine.
The vulnerability was discovered by Polish security researcher Krystian Kloskowski in late November. Less than two weeks later, reports surfaced that attackers were actively targeting the vulnerability via adult websites.
The flaw was considered a greater risk for Firefox users because of the way the browser interacted with the Quicktime player. Researchers found that both Internet Explorer and Safari were able to prevent the attack form successfully executing.
The update addresses the issue in both the Quicktime player software for both Windows and MacOS systems. Users can download the update from Apple's website or via the company's Software Update utility.
Comcast's £29.7bn winning bid more than twice the £13.7bn Rupert Murdoch valued Sky at just eight years ago
A nuclear strike has been considered, but Bruce Willis is nowhere in sight
Spray-on antenna could enable seamless integration of antennas with everyday objects
Parker Solar Probe, TESS and GOLD missions will deliver exciting data, claims NASA