You are here: silicon.com > Networks > WebWatch

WebWatch

iTunes security hole discovered

Dance flaw?

Tags: flaw, security flaw, itunes music store, apple itunes music store steve jobs ipod digital music

Printer Friendly Email Story RSS

By Dawn Kawamoto

Published: 18 November 2005 16:00 GMT

A critical vulnerability has been found in some versions of Apple's popular iTunes that could allow attackers to remotely take over a user's computer, according to a warning issued on Thursday by a security research firm.

The discovery of this latest flaw comes days after Apple issued its iTunes 6 for Windows security update.

The latest iTunes flaw, however, runs on all operating systems from Windows XP to Mac OS X, according to a security warning issued by eEye Digital Security.

This flaw allows malicious hackers to launch arbitrary code remotely, which in turn can take control of a user's computer.

Although an Apple spokesman was not immediately available for comment, the company has a policy of not discussing or confirming security issues until it has conducted an investigation and issued any needed patches, according to Apple's posting on its site. eEye, meanwhile, does not provide extensive details on the flaws it finds until a vendor releases a patch to resolve the security flaw.

When Apple released its iTunes 6 for Windows security patch earlier this week, it was designed to prevent the wrong helper application from launching. The helper program searches multiple system paths to figure out which program to run but the flaw could allow an attacker to create a way for an alternate program to be initiated by iTunes.

Dawn Kawamoto writes for CNET News.com

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Broadband & ISPs

Mobile & Wireless

WebWatch

LANs

Telecoms


Related Links

Apple 'already in talks' over video iTunes and iPod

'iTunes worm' drops adware on PCs

Nominet claims victory in iTunes.co.uk dispute

iTunes scores 80 per cent of UK downloads

Apple unleashes iPod Nano - and iTunes mobile

Jobs: Video, Bluetooth, radio, 3G iTunes for iPod? Doubt it

iTunes breaks one million video barrier

£100 iTunes download exposes mobile roaming rip-off

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure
Read and write about internet access at the airports of the world at atlarge.com. Rate airports, and see what others have to say...

Natasha Lomas Exclusive: Jimmy Wales on what's next for Wikipedia Why Wikipedia needs geeks and why a life unplugged is unthinkable

Peter Cochrane Peter Cochrane's Blog: United breaks guitars? Customer service has changed forever

How will you use Google Wave? Recruiting, decision-making, dealing with complaints

Monitoring staff email and internet: The dos and don'ts

Tax-refund phishing scams hit an all-time high

Google unleashes biggest ever Apps rollout for 35,000 users

How a tech 'watch list' can save CIOs from being caught out


  • Jobs
SalesLogix & Sage CRM - Support Consultant

You will also be required to manage and test new patches and releases, install patches and new releases remotely on customer sites, manage the call ...

Technical Support Analyst

Routine monitoring of the service network and escalating to management of any action required to prevent any potential service loss. Solid working ...

Linux Systems Administrator

General technical support: Providing general support to Adeptra staff both within the office and those who work remotely. Working with the ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

Power Solutions Article:  Highly Available Virtualization with Microsoft Hyper-V...

Starwood Hotels & Resorts Worldwide, Inc. Creates Highly Available and Easily Managed...

Intrusion Detection Techniques for Mobile Wireless Networks

CDPS Analyst Interview with John Webster of Illuminata

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


eBay's Skype sale gets green light

Join the silicon.com LinkedIn networking group

Windows 7: Over 200 per cent more popular than Vista

Bletchley Park's World War Two codebreakers in their own words

Europe: Brace yourself for a telecoms overhaul

BT offers free fibre to Glasgow businesses




Quick Sitemap Links: