Friday, April 2, 2010

New QuickTime and Java vulnerabilities & updates

Yesterday, Apple announced multiple vulnerabilities in QuickTime and provided a new update (7.6.6).  This update fixes vulnerabilities which, "may lead to an unexpected application termination or arbitrary code execution". For more information see Apple's announcement:

Java also announced that they found and fixed 27 new security related bugs in their newest version of Java (6 U19). From Oracle's website: "Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 27 new security fixes across all products.". For more information see:

We have updated SecBrowsing to warn users that run earlier, vulnerable versions of QuickTime and Java plugins in their browser.