Latest Patch Corrects Serious Java Flaws In QuickTime

Apple has released updates to both the Windows and Macintosh versions of QuickTime to address two critical issues with the application's Java component.

The first flaw could grant a specially crafted Java applet the ability to read your web browser's memory, allowing a hacker to obtain sensitive information. The version 7.1.6 update clears the browser memory in question prior to giving access to untrusted Java applets. The second flaw involves an implementation issue which could potentially allow a malicious Java applet to open the door for arbitrary code execution on the victim's computer. Additional validation of these applets is performed in this latest update, thus preventing this dangerous behavior.

It is highly recommended that both Windows and Macintosh users of QuickTime download this update immediately.