Apple has patched QuickTime for both Mac OS X and Windows to plug a hole discovered during a hack challenge last month.
QuickTime 7.1.6 fixes a hole exploited by Dino Dai Zovi on April 20 to crack into a MacBook Pro at the CanSecWest security conference. He won $10,000 for his efforts.
Apple's advisory says that the bug could be exploited by duping users running a Java-enabled browser. Systems running Mac OS X 10.3.9 or 10.4.9, as well as PCs with Windows 2000, Windows XP, and Windows Vista were at risk of being hijacked.
The QuickTime Java extensions, "QTJava.dll" was identified as the file that needed fixing.