Windows metafiles don't represent the only recently discovered dangerous media file vulnerabilities. Apple released an updated version of Quicktime that fixes five dangerous vulnerabilities. Four of the vulnerabilities are due to incorrect processing of standard image files, including those in Graphics Interchange Format (GIF), Joint Photographic Experts Group (JPEG), Tagged Image File Format (TIFF), and Truevision TARGA (TGA) format. The fifth vulnerability is due to incorrect processing of Quicktime movie files (.MOV).
Each of the five vulnerabilities are dangerous because they could allow a remote intruder to run arbitrary code on an affected system when someone simply views a specially crafted media file. The vulnerabilities affect both the standalone Quicktime player as well as Quicktime browser plug-ins. The nature of the vulnerabilities along with the scope of systems affected indicates a need for administrators to quickly update all of their systems, including OS X and Windows platforms, to Quicktime 7.0.4.
