Apple heeft een nieuwe versie van zijn mediaspeler QuickTime uitgebracht. QuickTime is alleen voor Windows Vista en 7 beschikbaar en wordt verder standaard met OS X meegeleverd. Het programma kan worden gebruikt om afbeeldingen te bekijken, muziek te beluisteren en filmbestanden af te spelen. Versie 7.7.8 lost enkele beveiligingsproblemen op.
What's New in QuickTime 7.7.9
The QuickTime web browser plug-in is no longer installed by default and is removed if you have a previous version of QuickTime on your PC. If you still need this legacy plug-in, you can add it back using the custom setup option in the installer.
QuickTime 7.7.9 improves security and is recommended for all QuickTime 7 users on Windows. Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution.
Description: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.
- CVE-2015-7085 : an anonymous researcher
- CVE-2015-7086 : an anonymous researcher
- CVE-2015-7087 : Ryan Pentney and Richard Johnson of Cisco Talos
- CVE-2015-7088 : Ryan Pentney and Richard Johnson of Cisco Talos
- CVE-2015-7089 : Ryan Pentney and Richard Johnson of Cisco Talos
- CVE-2015-7090 : Ryan Pentney and Richard Johnson of Cisco Talos
- CVE-2015-7091 : Pedro Ribeiro (pedrib@gmail.com) of Agile Information Security
- CVE-2015-7092 : Jaanus Kp Clarified Security working with HP's Zero Day Initiative
- CVE-2015-7117: Ryan Pentney and Richard Johnson of Cisco Talos
