For security reasons, Apple has updated the Leopard (Mac OS X 10.5) and Windows (XP SP2 and later) versions of QuickTime to version 7.7, addressing 13 security issues. The update is not available to Macs running OS X 10.6 or later, as the security fixes in this update have already been addressed in OS X 10.6.7, 10.6.8 and later releases. Apple recommends the update for all QuickTime users on Windows or Mac OS X Leopard 10.5.8.
The technote page for the update notes that upgrading to QuickTime 7 (any version) from QuickTime 6 will disable the QuickTime Pro functionality if present, and recommends purchasing a QuickTime 7 Pro registration code for Mac or Windows from Apple’s online store to retain QuickTime Pro functionality.
The update fixes bugs that could allow certain maliciously-crafted image, audio or video files to cause a buffer or integer overflow in QuickTime, causing either a crash, memory corruption or the risk of arbitrary code execution; a “cross-origin” issue that could reveal video data from a previously visited site, and a flaw in QuickTime’s handling of ActiveX QTL files in Internet Explorer (Windows only).
The new version is available through Software Update or Apple’s Security Updates web page. The Leopard update is listed as being 68.85MB in size, while the Windows version is 37.15MB. The new v7.7 is also intended for the Server version of Leopard 10.5.8.