Updates 11/8/12 - QuickTime

Apple QuickTime Player is by no means a required program.   If you don't already have it, you don't need it.   But if you do have it, it's time for another update [since QuickTime is one of the major vectors for infection].

The following has been copied/pasted from http://secunia.com/advisories/51226/ :

Description

Multiple vulnerabilities [at least one of which is rated HIGHLY CRITICAL] have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.

1) A boundary error when processing a PICT file can be exploited to cause a buffer overflow.

2) An error when processing a PICT file can be exploited to corrupt memory.

3) A use-after-free error exists in the plugin when handling "_qtactivex_" parameters within an HTML object.

4) A boundary error when handling the transform attribute of "text3GTrack" elements can be exploited to cause a buffer overflow via a specially crafted TeXML file.

5) Some errors when processing TeXML files can be exploited to cause a buffer overflows.

6) A boundary error when handling certain MIME types within a plugin can be exploited to cause a buffer overflow.

7) A use-after-free error exists in the ActiveX control when handling "Clear()" method.

8) A boundary error when processing a Targa file can be exploited to cause a buffer overflow.

9) A boundary error when processing the "rnet" box within MP4 files can be exploited to cause a buffer overflow.

The vulnerabilities are reported in versions prior to 7.7.3.

Solution
Update to version 7.7.3.

--------------------------------------

For additional information, see http://support.apple.com/kb/HT5581