January 21, 2009, 3:06 PM — Apple has released a new version of its QuickTime media player adding critical security fixes as well as some new tweaks to improve the software's ease-of-use and compatibility with different file formats.
QuickTime 7.6, released Wednesday for Mac OS X and Windows, patches seven bugs, all of which could let hackers install unauthorized software on a victim's computer. In recent years, hackers looking for ways to run their software on Windows PCs in particular have increasingly exploited flaws in add-on programs such as QuickTime. That's why security experts generally advise users to install this type of update as soon as possible.
The newly patched flaws do not appear to have been publicly known before Wednesday, according to Apple's security note on the update. Any attacks that exploited these flaws would involve tricking the victim into first visiting a malicious Web site or viewing a specially encoded media file, Apple said.
The 7.6 update also includes some performance-enhancements for H.2640-encoded and Motion JPEG media files, as well as some audio tweaks for AAC (Advanced Audio Coding) and MPEG video files. The update also "improves compatibility with iChat and Photo Booth," Apple said in a note on the update.