US-CERT is aware of a public report of a new vulnerability in Apple QuickTime. The report indicates that if a user opens a specially crafted QuickTime file, an attacker may be able to execute arbitrary code. This vulnerability may have several attack vectors, such as visiting a malicious or compromised website. US-CERT is currently investigating this report and will provide additional details as needed.

US-CERT encourages users to use caution when opening QuickTime files, and apply the best security practices described in the Securing Your Web Browser document, to help mitigate the risks.