This time, the champion of fixes was were the Windows versions (XP and Vista)of the multimedia player software. The fix comes to cover 11 vulnerabilities. According to Apple, the successful exploitation of 9 of these flaws would enable an attacker to remotely execute code on the machine.
In the mean time, QuickTime for Mac OS X got off with only 8 such fixes.
Five of the flaws can be exploited by hackers with the help of specially-crafted movie files, while three of the flaws can be exploited with the help of Pict files. All these flaws allow remote code execution.
Also in the “remote code execution” is a flaw in handling of QuickTime VR files. Last but not least, the player features a vulnerability that would allow Java applets to obtain elevated privileges.
The patch can be obtained via Apple’s Software Update utility or downloaded directly from here.