Apple Repairs QuickTime Glitch, Closes Browser Exploit
A security update released by Apple this morning for users of QuickTime for Windows appears to eradicate the exploitable hole discovered last month by GNUCitizen.org developer Petko D. Petkov.
Now, as BetaNews tests confirm, Apple's update shuts the other door: It no longer launches a Web browser when it encounters a filename that fits its accepted pattern (for instance, an MOV file) but which doesn't actually exist.
A security bulletin on Apple's Web site fully acknowledged and explained the repaired deficiency. The security update only works on the most recent QuickTime 7.2 version.