Security flaw discovered in iTunes

Security flaw discovered in iTunes
A security flaw has been discovered in some versions of Apple's iTunes software that could allow an attacker to take over a remote computer, according to a warning issued by eEye Digital Security. The flaw existed on earlier versions of iTunes 6 for the Windows operating system and was not addressed by the latest security update issued by Apple. So far it seems to only affect iTunes software on the Windows operating system, but the firm is still researching how the flaw could affect iTunes running on a Mac.

iTunes 6 and previous versions are affected by the flaw according to the product manager at eEye, Steve Manzuik. The flaw could allow an attacker to rub arbitrary code on a remote system if a user clicked on a malicious website link or opened a malicious email. "iTunes is widespread, so there is a large exploit base," Manzuik said. Apple didn't comment on the flaw however, as it is company policy to not discuss or confirm security flaws until an investigation has been conducted and patches have been issued.



Source:
News.com

Written by: James Delahunty @ 20 Nov 2005 20:33
Advertisement - News comments available below the ad
  • 10 comments

  • m0thr4

    "So far it seems to only affect iTunes software on the Windows operating system..."

    Sounding more of a Windows problem than an iTunes one then.

    22.11.2005 06:18 #1

  • Rikoshay

    Could they be refering to ourTunes as one of those exploits? :)

    22.11.2005 09:56 #2

  • zorro2407

    I'm with you Rikoshay,
    It's apparent apple are resting on their laurels and raking the money in with out regard for the security of it's users . It digusts me , they laugh it off with out addresssing the problem.
    Perhaps some accountability for such flaws would get them off their Butts.
    Long live the Philips hdd player.

    26.11.2005 09:03 #3

  • Reasons?

    When Apple ports iTunes to Windows, it is their job to have to program hole-free. iTunes has effectively become a hole in the windows operating system and it is not a "Windows problem". Why do I feel Apple fanboy? It's giving me goosebumps, i don't know, I guess it's a sixth sense.

    This is the same level of control Sony's XCP gave attackers, complete control form a remote server. The only difference is, is that with Sony's ordeal you had to be smart enough to use a rootkit scanner too.

    I don't see people flocking to this issue like they did Sony, lol, this is even more widespread. Dumbshit fanbase can't bring itself to touch Apple, but god help Sony if they screw up.

    28.11.2005 07:15 #4

  • Rikoshay

    \

    28.11.2005 10:49 #5

  • Reasons?

    If answer to this question is yes,

    Do you own a Xbox 360 and have logged more than an hour on it playing a Xbox 360 game?

    Then, why do you say "crapbox360"??

    If you don't own one or haven't spent some serious time with a friends, then let me know and your opinion doesn't matter.

    Formerly "cmmnsense", banned for lack of restraint.

    Fanboy is a term used to describe someone who is utterly devoted to a single subject. This generally is followed by the devotion and support even when proved wrong.

    Anecdotal, by my definition, it's the way too many people here think. It's also all the evidence you have.

    28.11.2005 11:09 #6

  • Rikoshay

    Look, I'm just saying that everyone was getting way too excited about the 360. Too many people were way too anxious to get the first 360. Most people got paid back though, they got the systems with bugs, etc., and had to return it anyway.

    Okay, I don't own a 360, and I don't have a friend who has one. The only answer I can give as to why, is because we have better ways to spend $400 on a piece of equipment.

    I will admit that the graphics for the 360 are very high, but the fact is that most of the games that end up on Xbox or 360 had either already been on PC or other systems. If you have thousands of dollars to waste from your parent's pockets, then go out and buy a 50" HDTV and all that, but I don't buy into all that media hype.

    It maybe too extreme to call the 360 crap, but I honestly don't see any reason to get one. Just give me one really good reason why I should care about the Xbox360, and I'll hold you to that. Until then, the one thing I have that can do what the 360 does and more is the PC.

    "It's absolutely stupid that we live without an o-zone layer.
    We've got rockets, we've got Ceram Wrap; fix it!"
    -Lewis Black

    30.11.2005 10:31 #7

  • Reasons?

    The Xbox 360 contains hardware that is being sold at a 25% loss and not a 1000% profit. Yes, 1000%. A $1000 P4 extreme form intel costs about $69 to manufacture.

    With that in mind, this console has hardware just plain not sold yet, like a unified memory pool of 512MB GDDR3 and a 6 thread CPU. That's 3x than what you get with a $1000 AMD dual core. Running at 3.2GHz too. The form factor is very small compared to a PC and is an amazing media streamer and PARTY MACHINE. Movies, streaming 30GB of music selection (In my case), photos, high def Progressive scan DVD playback. And online wireless gaming.

    Face it, this thing will be at the heart of alot of parties up here, not for games, but for music and movies to the big screen.

    For $400, you cannot lose. There is so much I just don't have any time to tell you what this thing becomes when you use it to it's full potential. I would pay $400 just to have that high def 720p playback combined with 30GB of streaming music form my PC to the surround sound downstairs. This device in invaluable to me personally.

    Formerly "cmmnsense", banned for lack of restraint.

    Fanboy is a term used to describe someone who is utterly devoted to a single subject. This generally is followed by the devotion and support even when proved wrong.

    Anecdotal, by my definition, it's the way too many people here think. It's also all the evidence you have.

    30.11.2005 12:45 #8

  • Rikoshay

    That is a very good counter-argument there. That does impress me much to some extent.

    Although, even if I were interested in getting one, right now, there is no way to get one until after the new year, and many of the features that you meantioned are very useful for an all-in-one machine, I guess I don't see any of that applying to me. I do have somewhat of a lousey argument, but like I said, most of the features don't apply to what I would mainly be using it for, which is gaming. But, I will admit that a lot of people do use it for great parties and what-not (I did have some fun with Halo 2 at a relatives house:).

    You have convinced me not to bash other peoples products until sorting out all of the facts, but it didn't really swayed me into actually buying one for the sole perpose of having something original, and I will consider the pros and cons for a particular debate for the most part.

    "It's absolutely stupid that we live without an o-zone layer.
    We've got rockets, we've got Ceram Wrap; fix it!"
    -Lewis Black

    1.12.2005 18:55 #9

  • Reasons?

    To each his own, but if you do decide to get one, they come in every week. That was ms's plan all along, I know someone that works for Target here in MN and they get in 5 or more Xbox 360s every week at the least.

    Formerly "cmmnsense", banned for lack of restraint.

    Fanboy is a term used to describe someone who is utterly devoted to a single subject. This generally is followed by the devotion and support even when proved wrong.

    Anecdotal, by my definition, it's the way too many people here think. It's also all the evidence you have.

    2.12.2005 05:38 #10

© 2024 AfterDawn Oy

Hosted by
Powered by UpCloud