iTunes security flaw reported | iLounge News


iTunes security flaw reported

eEye Digital Security has issued a warning that a critical vulnerability in iTunes could allow attackers to remotely take over a user’s computer. The security firm said the flaw runs on on all operating systems from Windows XP to Mac OS X.

“This flaw allows malicious hackers to launch arbitrary code remotely, which in turn can take control of a user’s computer,” reports CNET “eEye, meanwhile, does not provide extensive details on the flaws it finds until a vendor releases a patch to resolve the security flaw.”

« New Podcast: iLounge Week in Review Special Edition - Panel Discussion on iPod, from Tech Toy to Icon

iTunes dominates digital music market in UK »

Related Stories



oh dear…

Posted by chris on November 18, 2005 at 12:09 PM (CST)


Okay, they say it’s critical because it can be remotely executed. How? By the iTunes Music Store, because that’s the only remote thing iTunes accesses to the best of my knowledge. Is it a direct attack on a particular port?

Surely there is a simpler temporary fix (if this is a real problem) than “buy our software”?

Posted by But how? on November 18, 2005 at 12:23 PM (CST)


Prob’ly through a podcast.  That’s unsupervised ‘code’ as it comes directly from the podcaster server to your system and never goes to the Music Store at all.

Posted by alanfraser in Rhode Island on November 18, 2005 at 12:36 PM (CST)


its only with version 5.

“Impact: iTunes 5 for Windows may launch the wrong helper program

Description: Due to the way iTunes 5 for Windows launches its helper application, multiple system paths are searched to determine which program to run. This may allow a malicious user on the local system to create an environment where an alternate program will be executed by iTunes. This has already been addressed in the iTunes 6 release for Windows (2005-10-12)”

so it says “a malicious user on the local system”

i dont see how this is much of a threat at all.  it doesn’t seem to deal with ‘hackers’ at all.

Posted by zip22 on November 18, 2005 at 4:34 PM (CST)


The CNet article says that eEye Digital is *testing* whether it affects MAC OSX.

And on eEye Digital’s site we read:
“Operating Systems Affected:
All Microsoft Operatins Systems”

So I guess the flaw (at least for the time being) runs on all operating systems from Windows XP to Windows XP :)

Posted by stereo on November 18, 2005 at 4:47 PM (CST)


So I guess the flaw (at least for the time being) runs on all operating systems from Windows XP to Windows XP

And you will have guessed wrong.

iTunes also runs on Windoze 2000.

Posted by flatline response on November 19, 2005 at 12:15 AM (CST)


Great…just wonderful.

Posted by PimpyMicPimp on November 19, 2005 at 8:09 PM (CST)


I thought OS X was immune to viruses…

Posted by hoho on November 20, 2005 at 12:29 AM (CST)


“They’re not f’ing Microsoft…”

That’s where you’re wrong. The difference between Apple and Microsoft is all between the ears of some Homo sapiens who want to believe there is such a thing as a good corporation.

They’re just a collection of divisions made up of fallible humans controlled by a group of directors with one goal: to make as much money as possible by doing and spending as little as possible.

Posted by Code Monkey in Midstate New York on November 20, 2005 at 11:05 AM (CST)

If you have a comment, news tip, advertising inquiry, or coverage request, a question about iPods/iPhones/iPad or accessories, or if you sell or market iPod/iPhone/iPad products or services, read iLounge's Comments + Questions policies before posting, and fully identify yourself if you do. We will delete comments containing advertising, astroturfing, trolling, personal attacks, offensive language, or other objectionable content, then ban and/or publicly identify violators.

Commenting is not available in this channel entry.
Sign up for the iLounge Weekly Newsletter


Recent News

Recent Reviews

Recent Articles

Sign up for the iLounge Weekly Newsletter


iLounge is an independent resource for all things iPod, iPhone, iPad, and beyond.
iPod, iPhone, iPad, iTunes, Apple TV, Mac, and the Apple logo are trademarks of Apple Inc.
iLounge is © 2001 - 2014 iLounge, Inc. All Rights Reserved. Terms of Use | Privacy Policy