New iTunes flaw warning

By
Follow google news

Music downloaders are being warned about an exploitable flaw in Apple’s iTunes program.

Calling the warning's severity "high," eEye warned last week that a flaw exists in the popular music downloading program that could allow malicious code to compromise it.


"A remotely exploitable flaw exists that allows arbitrary code to be executed in the context of the logged-in user," the security firm warned on its website. The vulnerability exists on all Microsoft operating systems.

Earlier last week, Apple had released an advisory that a malicious user could compromise PCs through iTunes 5 and said the vulnerability had been addressed in later versions of the program.

"Due to the way iTunes 5 for Windows launches its helper application, multiple system paths are searched to determine which program to run," Apple warned on its iTunes site. "This may allow a malicious user on the local system to create an environment where an alternate program will be executed by iTunes. This has already been addressed in the iTunes 6 release for Windows."

www.eeye.com

Most Read Articles

Bendigo Bank aims to have Australia's "first agentic SOC"

Bendigo Bank aims to have Australia's "first agentic SOC"

ASD to retire Essential Eight cyber security framework within next two years

ASD to retire Essential Eight cyber security framework within next two years

Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases

NAB's SecOps rethink focuses on data expert and dev hires

NAB's SecOps rethink focuses on data expert and dev hires

Log In

  |  Forgot your password?