AfterDawn: News

Apple patches iTunes bug

Apple Inc. has issued an update that addresses a vulnerability discovered in its iTunes multimedia software. The company has patched both Windows and Mac operating systems' version of the iTunes software. The iTunes v7.4 update adds support for using purchased music as ringtones and to buy songs wirelessly using iPhone or the recently unveiled iPod Touch.

The update also addresses a serious security vulnerability however, that could lead to a specially crafted music file crashing or giving an attacker control over a victims PC or Mac. "A buffer overflow exists in iTunes when processing album cover art," the company stated. "By enticing a user to open a maliciously crafted music file, an attacker may trigger the overflow which may lead to an unexpected application termination or arbitrary code execution."



Apple has issued more than 100 patches for ts Mac OS X operating system and applications this year and the iPhone received its first security patch in July. Apple credited iSEC Partners with the discovery of the latest iTunes vulnerability.

Source:
The Register

Written by: James Delahunty @ 7 Sep 2007 7:18

• Previous article

• European Commission, Apple and record labels to meet over antitrust charges

• Next article

• Integra to release HD DVD player

• 7 comments

• fonzbear

  lol! i thought the mac was supposed to be unhackable!

  7.9.2007 17:36 #1

• robertmro

  Everything is hackable.

  7.9.2007 19:50 #2

• Pop_Smith

  The only reason Macs seem "Unhackable" is beacuse the user database is extremely small compared to the dominate OS, Windows.
  
  Linux (and all the other Unix variants) is also hackable although it seems as if most hackers use Linux, which is part of the reason why Linux doesn't have many viruses, spyware and other malware including tools to hack into computers running the OS.
  
  Peace

  8.9.2007 12:58 #3

• WierdName

  You see you ignorant people who say it's invulnerable? Just like everything else, there will always be unforeseen security loops and holes.
  
  EDIT- er, holes, not wholes.

  8.9.2007 20:49 #4

• borhan9

  i may download this patch if this is the case.

  11.9.2007 01:32 #5

• spartan96

  1tunes 7.3 sucked. I couldn't even back up my library, it just gave me a stupid error every time.

  18.11.2007 21:39 #6

• pryme_H

  They need to make sure that they've checked all avenues for potenial hacks before releasing updates. Apple is prone to hack these days...
  

  
  

  19.11.2007 02:21 #7