In a SANS Diary entry they forgot to mention that there is no secure version for W2K, affected users should uninstall QuickTime, well, quickly. Products depending on QuickTime and claiming to be W2K-compatible could be considered to be broken, IANAL.
Having said this it is already rather tricky to find the 2007-11-12 QT Lite 1.1.2 for W2K with the 7.2.0.245 components, the download for this link is a damaged file, and an apparently working file was removed from where I found it. QT Lite 1.1.1 and QuickTime Alternative 1.90 still use the 7.2.0.240 components, and all these unofficial variants likely inherited the security flaws of the corresponding official versions.
Hunting W2K tools can be a pain, I try to stay on Microsoft's sites for security reasons. Check out the Petri IT Knowledgebase if you're looking for say a W2K-version of NTrights.
No comments:
Post a Comment