Apple Hardens QuickTime Security
With QuickTime increasingly becoming a target for malicious hackers, eWeek reports that Apple has made several steps to make QuickTime more secure in the latest version (7.4.5) released just last week.
Besides patching 11 security vulnerabilities, the new version of QuickTime adds a few new features such as ASLR (address space layout randomization), stack buffer safety checking and function call hardening, all of which make it much more difficult to hack QuickTime.
Security researchers have applauded the efforts:
"That's a pretty big change for a point release," said Dino Dai Zovi, a hacker who has written multiple exploits for QuickTime. "They [Apple] have way more guts than many other software companies to do something like that. Either that, or they are afraid of the backlash if malware starts targeting QuickTime and iTunes in a more serious way."