Apple released five security fixes covering vulnerabilities for its QuickTime application today, all of which repair errors that could allow remote hackers to launch an attack on affected computers. The patches, which are addressed in Apple"s updated in QuickTime 7.5, affect the previous version 7.4.5, which was released in April.
Four of the five repairs affect numerous versions of Mac OS X and Windows, while one patch affects only Windows Vista and XP SP2. Two of the updates fix heap buffer overflow errors resulting from QuickTime"s mishandling of the PICT image file. Both vulnerabilities could be exploited if a user was enticed to open a maliciously-crafted PICT image, which would allow an attacker to take complete control of the user"s computer or shut it down entirely.