
Dance flaw?
Published: 18 November 2005 16:00 GMT
A critical vulnerability has been found in some versions of Apple's popular iTunes that could allow attackers to remotely take over a user's computer, according to a warning issued on Thursday by a security research firm.
The discovery of this latest flaw comes days after Apple issued its iTunes 6 for Windows security update.
The latest iTunes flaw, however, runs on all operating systems from Windows XP to Mac OS X, according to a security warning issued by eEye Digital Security.
This flaw allows malicious hackers to launch arbitrary code remotely, which in turn can take control of a user's computer.
Although an Apple spokesman was not immediately available for comment, the company has a policy of not discussing or confirming security issues until it has conducted an investigation and issued any needed patches, according to Apple's posting on its site. eEye, meanwhile, does not provide extensive details on the flaws it finds until a vendor releases a patch to resolve the security flaw.
When Apple released its iTunes 6 for Windows security patch earlier this week, it was designed to prevent the wrong helper application from launching. The helper program searches multiple system paths to figure out which program to run but the flaw could allow an attacker to create a way for an alternate program to be initiated by iTunes.
Dawn Kawamoto writes for CNET News.com
Apple 'already in talks' over video iTunes and iPod
'iTunes worm' drops adware on PCs
Nominet claims victory in iTunes.co.uk dispute
iTunes scores 80 per cent of UK downloads
Apple unleashes iPod Nano - and iTunes mobile
Jobs: Video, Bluetooth, radio, 3G iTunes for iPod? Doubt it
KEYWORDS : Mac OSX, Windows, OSX Server, ARD, Support, Macintosh, Windows Server, Quark Express, Adobe, MS Office, Extensis Suitcase, FTP, Carbon ...
A minimum of 2 years experience of software development for Mac OS X using Cocoa and Objective C? This is an exciting opportunity for an experienced ...
Work with the development team to deliver final solutions into the production environment Liaise with the development team to resolve any problems ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Peter Cochrane Peter Cochrane's Blog: How the telcos could save themselves Doomed network operators could thrive with a bit of innovation
Peter Cochrane Peter Cochrane's Blog: Facebook saves teen from prison Another unexpected impact of social networking