QuickTime 7.3.1 Plugs RTSP Security Hole

Apple released QuickTime 7.3.1 Thursday afternoon to address several security flaws in the multimedia tool. Most notably, the update patches an RTSP flaw that could allow at attacker to run unauthorized code on a victimis computer.

The update also fixed a QTL flaw that an attacker could use to cause applications to crash or run arbitrary code on the victimis computer, and patched several security holes in the QuickTime Flash media handler by limiting playback to known safe formats.

QuickTime 7.3.1 updates are available for Mac OS X 10.3.9, 10.4.9 and higher, and 10.5, as well as Windows XP SP2 and Windows Vista. The updates are free and available through Appleis Software Update application and as stand alone installers from the Apple QuickTime Web site.