Apple has released QuickTime 7.6.8 for Windows, fixing 2 vulnerabilities limited to the Windows version.

The first was the famous (in some circles) ‘_Marshaled_pUnk’ vulnerability. Apple had left this value in QuickTime for Windows as a valid parameter, but removed the code to handle it. This allowed an attacker to place their own code to run. See just below for a demo of the vulnerability in action.

The second is described as “Viewing an image in a maliciously prepared directory may lead to arbitrary code execution.” What it seems to be is the Windows malicious DLL loading problem as implemented in the QuickTime Picture Viewer. Apple removes the current working directory from the search path to fix the bug.

View full post on Security Watch

• Apple patches 15 QuickTime bugs in Leopard, Windows
  Apple on Tuesday patched 15 vulnerabilities in its QuickTime media player for Windows and Mac OS X 10.5, aka Leopard. - on Computerworld Security News...
• Apple patches months-old QuickTime bugs
  Apple patched a critical vulnerability in QuickTime on Wednesday that was reported to the company by a bug bounty program months ago. View full post on Computerworld Security News...
• Apple Patches QuickTime for Windows
  Apple has issued QuickTime version 7.6.7 for Windows to fix a vulnerability in that product. The Mac version of QuickTime is not affected. View full post on PCMag.com Security Coverage...
• Apple Fixes QuickTime for Windows
  Apple has issued QuickTime version 7.6.7 for Windows to fix a vulnerability in that product. The Mac version of QuickTime is not affected. The vulnerability is a stack overflow in QuickTime'...
• Microsoft to Issue a Dozen Updates Next Week to Windows, Visio
  Next Tuesday, February 8, 2011, Microsoft will release 12 security bulletins and software updates to fix the 22 vulnerabilities described in the bulletins. 3 of the updates have a maximum rat...
• Do You Apply New Security Updates for Windows?
  CSA DISCLAIMER: This video taken from YouTube. As well as any other video found on this site is not hosted here, it just embedded, and it taken randomly by our system from video hosting services lik...
• Apple QuickTime 7.6.9 Fixes 15 Vulnerabilities
  A new version of Apple QuickTime fixes 15 vulnerabilities, nearly all critical. All 15 fixes affect the Windows versions of QuickTime. 13 of them affect the Mac version as well. 14 vulnera...
• Adobe Releases Flash Updates For 0-Day Bugs [Updated]
  Adobe has released updates to Flash Player on Windows, Macintosh, Linux, Solaris and Android to address a large number of vulnerabilities. The new version for Windows, Macintosh, Linux, and...
• Apple, Adobe patch critical bugs
  Adobe Systems and Apple released security updates Monday, including a critical Adobe Flash Player fix for a flaw that had been used in cyberattacks. View full post on Network World on Security...
• Microsoft Updates Fix 11 Vulnerabilities in Windows, Office
  Microsoft has released 9 security bulletins, 4 of them with a maximum rating of critical, addressing a total of 11 vulnerabilities. [Correction: An earlier version of this story erroneously l...