ITS Homepage Click here for text version of ITS homepage University at AlbanyUAlbany Site IndexUAlbany Search
alerts_tag
*UNPATCHED* Vulnerability in QuickTime


ALARM Group ALERT - click for a description of ALARM, The Computing Alert System


Alert Number:  011108-01
Alert Date:  01/11/08
Alert Title:  *UNPATCHED* Vulnerability in QuickTime
Update-to:  None.
OS/Platform/Application:  Apple QuickTime < version 7.3.1.70 and prior on all applicable operating systems
Category:  ALERT
Severity:  HIGH
Attention:  System Administrators, Desktop Support Personnel, QuickTime users

Summary:  Multiple Internet Security-related agencies are reporting the existence of a vulnerability in the popular QuickTime media player application.   Visitation of a malicious website or viewing of a malicious .QTL file is the most likely mechanism of exploit and could result in takeover of a vulnerable system.  At the time of this writing (11:20 AM January 11 2008) no patch has yet been provided by the vendor to
address this vulnerability.

Recommended Actions:  System Administrators and QuickTime users are encouraged to read the security bulletins (safe links provided below) and not to visit untrusted websites and/or view untrusted .QTL files until a patch has been made available from the vendor.

Readers are encouraged to share this alert with family, friends, and associates who may use QuickTime on their home PCs.

ITS Actions:  N/A

Resources:

Secunia Advisory:
http://secunia.com/advisories/28423/

FrSIRT Advisory:
http://www.frsirt.com/english/advisories/2008/0107
 

BLANKABCDEFGHIJKLMBLANK
BLANKNOPQRSTUVWXYZBLANK
CHOOSE FROM the ITS Site Index

GO TO an ITS Group

Information Technology Services
University at Albany, SUNY
1400 Washington Avenue
Albany, NY 12222
ITS Service Centers:  518-442-4000
  		University at Albany Home Page
Contact UAlbany | Directories | Calendars | Visitors | Site Index | Search
Admissions | Academics | Research | IT Services | Libraries | Athletics
Internet Privacy Policy              IT Policies