With this release they fixed the bug related to QuickTime; "Code execution via QuickTime Media-link files".
QuickTime Media-Link files contain a qtnext attribute that could be used on Windows systems to launch the default browser with arbitrary command-line options. When the default browser is Firefox 2.0.0.6 or earlier use of the -chrome option allowed a remote attacker to run script commands with the full privileges of the user. This could be used to install malware, steal local data, or otherwise corrupt the victim's computer. Read more
We really appreciate quick response to security issues like that.
0 Response to "QuickTime security issue fixed with Firefox 2.0.0.7 new security release"
Post a Comment