Hi :)
QuoteLMH has discovered a vulnerability in Apple Quicktime, which can be exploited by malicious people to compromise a user's system. Do not open untrusted QTL files.
2007-01-02
http://secunia.com/advisories/23540/
http://projects.info-pull.com/moab/MOAB-01-01-2007.html
Latest news:
http://news.com.com/PDF+security+risk+greater+than+originally+thought/2100-1002_3-6147428.html
Apple has provided a fix for Apple QuickTime RTSP buffer overflow
QuoteSolution. Apply Update.
This issue is addressed in Apple Security Update 2007-001. An update for Mac OS X is available on Apple Downloads and via Software Update. An update for Microsoft Windows XP and 2000 systems is availble via the Apple Software Update application installed with QuickTime 7.1.3.
http://www.kb.cert.org/vuls/id/442497 (http://www.kb.cert.org/vuls/id/442497)
As far as I can tell,
Windows users must use the Apple Software Update application that came with Quicktime 7 to get the patch.
If you elected not to install the Apple Software update program during the Quicktime or iTunes install I don't think you will be able to get the patch.
Apple Software Update for Windows:
QuoteSoftware Update is an Apple-supplied Windows program that updates Apple software (such as iTunes and QuickTime) over the Internet.
To check whether Apple Software Update is working correctly, follow these steps:
http://docs.info.apple.com/article.html?artnum=304263 (http://docs.info.apple.com/article.html?artnum=304263)