Apple has yet again patched a number of critical security vulnerabilities in its QuickTime media player.
With the 7.2 update, users can now view videos in full-screen, but the software also contains a number of critical security fixes. In total, Apple has addressed eight security vulnerabilities with the release, which was released yesterday.
Four of the flaws are memory corruption or integer overflow bugs that could cause the viewer to crash if QuickTime were used to view maliciously crafted movies or files. Another three critical flaws relate to design issues in QuickTime for Java. Attackers could theoretically exploit these flaws by posting malicious Java applets on a web site, where they could then compromise a victim's computer.
A final QuickTime for Java bug could "lead to the disclosure of sensitive information," Apple said in its security update.
Apple has also pushed out a new release of its iTunes music software that fixes "a minor problem with iTunes 7.3 accessing the iTunes Library," the company said.
The QuickTime and iTunes updates are available for download by both Windows and Mac OS X users.