quicktime

Credit where credit is due.

An elvish gentleman of the Macalope's acquaintance writes to point out that Apple has once again failed to credit security researchers who found flaws in its products.

Well, except for Tom Ferris.

And Matt Slot.

And Jonathan 'Wolf' Rentzsch.

Uh, Tom Ferris again.

Oh. And David Vaartjes and iDefense VCP.

And Adam Gowdiak got some credit there.

Twice.

But no one on that last one!

C'mon, Apple!

Of course, they could have found that one on their own.

Hmm. Boy. Now the pointy one really kind of wonders what kind of a joker you'd have to be …

Apple updates QuickTime 7.2 with eight security fixes

In addition to providing full-screen viewing and various iPhone options, the latest version of QuickTime 7.2 includes eight important security fixes. This update affects users of Mac OS X v10.3.9 and Mac OS X v10.4.9, as well as users of Windows XP and Windows Vista. The QuickTime update is available from Apple's Software Download for both Mac OS X and Windows users.

QuickTime H.264 movie files: This patch affects users of Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, and XP SP2, and addresses the vulnerability in CVE-2007-2295. Viewing a maliciously crafted H.264 movie may lead to an unexpected application termination or arbitrary code execution. Apple credits Tom Ferris of Security-Protocols.com and Matt Slot of Ambrosia Software, Inc. for reporting this issue.

HeyCast: Put YouTube on your iPod

HeyCast is a new service from the folks that made HeyWatch [review], the online video conversion service. It lets you grab videos from popular hosting sites such as YouTube, Google Video, and Apple's QuickTime movie trailers site, and clump them together into a handy RSS feed you or anyone else can subscribe to in iTunes or other feed readers. The feed isn't just your standard RSS though--HeyCast grabs the Flash videos, converts them, and makes them available for offline viewing on your computer or portable devices.

I gave it a go this morning and came across a few …

Apple issues a security update for QuickTime 7.1.6

Today, Apple released a security update for QuickTime 7.1.6, further addressing a vulnerability first used by a security researcher in April to win $10,000 and a new MacBook in the "PWN 2 0WN" contest at CanSecWest 2007. This security update complements an earlier bug patch for QuickTime 7.1.6 released by Apple on May 1, 2007. The 1.1Mb Windows QuickTime 7.1.6 update affects users of Windows 2000 SP4 and Windows XP SP2. The 1.4 Mb Mac QuickTime 7.1.6 update affects users of Mac OS X v10.3.9 …

MySpace launches QuickTime trailers competitor, sort of

MySpace quietly launched Trailer Park this morning, a new area showcasing trailers for upcoming movies. All videos are played on the in-house MySpace player and can be embedded on member pages. Trailer Park is launching with five trailers from Lionsgate, Warner Bros., Independent, and Buena Vista Pictures.

The page is designed to feel like a member's profile, with forums, a friends list, and a comment board. There is a dearth of actual content about a movie (actors, ratings, and so on); that can be found at the movie's marketing site, which gets its own link alongside the trailer.

Unfortunately, from the …

Why performance testing and public relations don't mix

Performance testing might not be the first thing you think of when you read product reviews, but it often plays an important role in helping to evaluate how some products stand up against their competition. CNET Labs takes performance testing very seriously, and it's sometimes a lot more difficult than you might think... When we encounter testing problems in the lab, we often turn first to the manufacturers to help us troubleshoot the issue. We like to give the vendors the opportunity to address the issues and offer explanations or solutions, in part to make sure we're not …

Apple QuickTime rtsp URL handler buffer overflow

There's a buffer overflow in the real-time streaming protocol (rtsp) URL handling of Apple QuickTime 7.1.3, affecting both the Windows and Mac versions. The flaw allows remote attackers to execute arbitrary code on affected machines, which could give them remote access. If a user clicks a very long and specially crafted QuickTime video URL, an attacker could load malicious code onto Microsoft Windows or Apple Mac OS X machines.

At this time, there is no patch available from Apple. Users should avoid clicking URLs that begin with "rtsp://". One workaround within QuickTime is …