ITSS-Advisory : MEDIUM : Apple : QuickTime and QuickTime Component : Various issues

THREAT LEVEL
============
Medium.

INFORMATION
===========
Apple released two bulletins on 21 Jan 2009.

QuickTime 7.6
-------------
Apple released QuickTime 7.6 for Mac OS X v10.4.9 - v10.4.11,
Mac OS X v10.5 or later, and Windows XP SP2, XP SP3, Vista operating systems.
This version fixes several vulnerabilities, the possible impacts are arbitrary
code execution or unexpected application termination. More information is
available at: http://support.apple.com/kb/HT3403

QuickTime MPEG-2 Playback Component for Windows
-----------------------------------------------
This component is not installed by default with QuickTime. Viewing a specially
crafted file may lead to arbitrary code execution or unexpected application
termination. Windows XP SP2, XP SP3 and Vista operating systems are affected.
More information is available at: http://support.apple.com/kb/HT3404

ACTION
======
Administrators of affected computers are advised to review the bulletins, test
and apply relevant updates.