Reading SANS tonight points out that there are security updates FOR QuickTime 7.1.6 (Mac and Windows) available from Apple Downloads (May 29, 2007). Now, I am running v7.1.6 and my auto-update tells me everything is ok … but my client certainly hasn’t downloaded this patch that I am aware of.
About Security Update (QuickTime 7.1.6 for Windows)
This update is recommended for all users and improves the security of QuickTime 7.1.6.
So how do you know if your client is patched?
 Quicktime Security Update for 7.1.6 (Yes, really!) [SANS]
 Apple Downloads [Apple]
 Security Update (QuickTime 7.1.6 for Windows) [Apple]