US-CERT is aware of public reports of a vulnerability in Apple QuickTime. By convincing a user to open a specially crafted QuickTime file, an attacker may be able to execute arbitrary code. This vulnerability may have several attack vectors, such as visiting a malicious or compromised website.

US-CERT encourages users to use caution when opening QuickTime files, and apply the best security practices described in the Securing Your Web Browser document, to help mitigate the risks.

US-CERT will provide additional information as it becomes available.