You are here: silicon.com > Networks > WebWatch

WebWatch

iTunes security hole discovered

Dance flaw?

Tags: flaw, security flaw, itunes music store, apple itunes music store steve jobs ipod digital music

Printer Friendly Email Story RSS

By Dawn Kawamoto

Published: 18 November 2005 16:00 GMT

A critical vulnerability has been found in some versions of Apple's popular iTunes that could allow attackers to remotely take over a user's computer, according to a warning issued on Thursday by a security research firm.

The discovery of this latest flaw comes days after Apple issued its iTunes 6 for Windows security update.

The latest iTunes flaw, however, runs on all operating systems from Windows XP to Mac OS X, according to a security warning issued by eEye Digital Security.

This flaw allows malicious hackers to launch arbitrary code remotely, which in turn can take control of a user's computer.

Although an Apple spokesman was not immediately available for comment, the company has a policy of not discussing or confirming security issues until it has conducted an investigation and issued any needed patches, according to Apple's posting on its site. eEye, meanwhile, does not provide extensive details on the flaws it finds until a vendor releases a patch to resolve the security flaw.

When Apple released its iTunes 6 for Windows security patch earlier this week, it was designed to prevent the wrong helper application from launching. The helper program searches multiple system paths to figure out which program to run but the flaw could allow an attacker to create a way for an alternate program to be initiated by iTunes.

Dawn Kawamoto writes for CNET News.com

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Broadband & ISPs

Mobile & Wireless

WebWatch

LANs

Telecoms


Related Links

Apple 'already in talks' over video iTunes and iPod

'iTunes worm' drops adware on PCs

Nominet claims victory in iTunes.co.uk dispute

iTunes scores 80 per cent of UK downloads

Apple unleashes iPod Nano - and iTunes mobile

Jobs: Video, Bluetooth, radio, 3G iTunes for iPod? Doubt it

iTunes breaks one million video barrier

£100 iTunes download exposes mobile roaming rip-off

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure
Read and write about internet access at the airports of the world at atlarge.com. Rate airports, and see what others have to say...

Peter Cochrane Peter Cochrane's Blog: How the telcos could save themselves Doomed network operators could thrive with a bit of innovation

Peter Cochrane Peter Cochrane's Blog: Facebook saves teen from prison Another unexpected impact of social networking

IT skills shortage squashed by recession?

How the cloud is swallowing your comms

Pay for IT chiefs weathers the storm

Salesforce.com makes more friends in the cloud

UK web snooping plans: Full steam ahead


  • Jobs
Mac/PC Support Engineer –Mac OSX, Adobe, Quark, Windows, Server 2003, AD

KEYWORDS : Mac OSX, Windows, OSX Server, ARD, Support, Macintosh, Windows Server, Quark Express, Adobe, MS Office, Extensis Suitcase, FTP, Carbon ...

Bright Macintosh Software Engineer - Mac OS X, Objective C, Cocoa

A minimum of 2 years experience of software development for Mac OS X using Cocoa and Objective C? This is an exciting opportunity for an experienced ...

Windows, .NET Implementation Support Engineer

Work with the development team to deliver final solutions into the production environment Liaise with the development team to resolve any problems ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

Managing a growing threat: An Executive's Guide to Web Application Security

5 Sources of Value Through a Telecom Expense Management Initiative

Designing High Availability for SQL Server 2005

Business Continuity Planning - IT Survival Guide

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


eBay app lets users bid from a BlackBerry

ID card database: 500 names added in first month

Women in IT: Tech has an image problem

Tesco Mobile to get a taste of Apple's iPhone

Marketing chiefs: Are you spamming your customers?

IT skills shortage squashed by recession?




Quick Sitemap Links: