News
iTunes security flaw reported
eEye Digital Security has issued a warning that a critical vulnerability in iTunes could allow attackers to remotely take over a user’s computer. The security firm said the flaw runs on on all operating systems from Windows XP to Mac OS X.
“This flaw allows malicious hackers to launch arbitrary code remotely, which in turn can take control of a user’s computer,” reports CNET News.com. “eEye, meanwhile, does not provide extensive details on the flaws it finds until a vendor releases a patch to resolve the security flaw.”
Share This Article & Win an iTunes Gift Card. Comments
If you have a comment, news tip, advertising inquiry, or coverage request, a question about iPods or accessories, or if you sell or market iPod products or services, read iLounge's Comments + Questions policies before posting, and fully identify yourself if you do. We will delete comments containing advertising, astroturfing, trolling, personal attacks, offensive language, or other objectionable content, then ban and/or publicly identify violators.
Recent News
- Enter the CES Exhibits Plus Pass Giveaway today
- Wider distribution boosting iPhone sales in France
- Chinon rolls out AVi portable iPod speaker
- TomTom intros separate Car Kit for iPod touch
- iLounge and MusicSkins announce the Ultimate Design Contest
- Latest edition of iPodweek coming shortly
- Apple planning more iPod touch apps for retail?
- Gameloft, others cutting back on Android development
- Google launches Google News for iPhone, iPod touch
- Magellan releases RoadMate app, Car Kit coming
Recent Reviews
- Electronic Arts Command & Conquer Red Alert
- Bowers & Wilkins Zeppelin Mini
- iHome iHM79 Rechargeable Mini Speakers
- Elexa Consumer Products iBlink
- Bose SoundDock 10
- Shure SE115m+ Sound Isolating Headset
- Apple Remote (2009)
- Kensington Travel Battery Pack and Charger for iPhone
- Tapulous Metallica Revenge
- Electronic Arts NBA Live by EA Sports
Recent Articles
- Ask iLounge 11-20-09
- The Complete Guide to Using the iTunes Store
- iPhone Gems: Brain Challenge 2, Impossible Quiz, Jeopardy, Trivia Wars + Wheel of Fortune
- The Complete Guide to Album Tagging, Art and Playlists in iTunes
- Ask iLounge 11-13-09
- The Complete Guide to iTunes Audiobooks, Podcasts + iTunes U
- Ask iLounge 11-6-09
- iPhone Gems: Asphalt 5 and Doom Classic
- Ask iLounge 10-30-09
- Instant Expert: Secrets & Features of Apple TV 3.0
1
oh dear…
Posted by chris on November 18, 2005 at 10:09 AM (PDT)
2
Okay, they say it’s critical because it can be remotely executed. How? By the iTunes Music Store, because that’s the only remote thing iTunes accesses to the best of my knowledge. Is it a direct attack on a particular port?
Surely there is a simpler temporary fix (if this is a real problem) than “buy our software”?
Posted by But how? on November 18, 2005 at 10:23 AM (PDT)
3
Prob’ly through a podcast. That’s unsupervised ‘code’ as it comes directly from the podcaster server to your system and never goes to the Music Store at all.
Posted by alanfraser in Rhode Island on November 18, 2005 at 10:36 AM (PDT)
4
its only with version 5.
“Impact: iTunes 5 for Windows may launch the wrong helper program
Description: Due to the way iTunes 5 for Windows launches its helper application, multiple system paths are searched to determine which program to run. This may allow a malicious user on the local system to create an environment where an alternate program will be executed by iTunes. This has already been addressed in the iTunes 6 release for Windows (2005-10-12)”
so it says “a malicious user on the local system”
i dont see how this is much of a threat at all. it doesn’t seem to deal with ‘hackers’ at all.
Posted by zip22 on November 18, 2005 at 2:34 PM (PDT)
5
The CNet article says that eEye Digital is *testing* whether it affects MAC OSX.
And on eEye Digital’s site we read:
“Operating Systems Affected:
All Microsoft Operatins Systems”
So I guess the flaw (at least for the time being) runs on all operating systems from Windows XP to Windows XP
Posted by stereo on November 18, 2005 at 2:47 PM (PDT)
6
So I guess the flaw (at least for the time being) runs on all operating systems from Windows XP to Windows XP
And you will have guessed wrong.
iTunes also runs on Windoze 2000.
Posted by flatline response on November 18, 2005 at 10:15 PM (PDT)
7
Great…just wonderful.
Posted by PimpyMicPimp on November 19, 2005 at 6:09 PM (PDT)
8
I thought OS X was immune to viruses…
Posted by hoho on November 19, 2005 at 10:29 PM (PDT)
9
“They’re not f’ing Microsoft…”
That’s where you’re wrong. The difference between Apple and Microsoft is all between the ears of some Homo sapiens who want to believe there is such a thing as a good corporation.
They’re just a collection of divisions made up of fallible humans controlled by a group of directors with one goal: to make as much money as possible by doing and spending as little as possible.
Posted by Code Monkey in Midstate New York on November 20, 2005 at 9:05 AM (PDT)