Brief: Apple Updates iTunes To Plug Security Hole

Apple Computer this week updated its iTunes music store software to fix a critical security flaw that could let attackers grab control of a PC or Mac.



Apple Computer Inc. this week updated its iTunes music store software to fix a critical security flaw that could let attackers grab control of a PC or Mac.

The bug in iTunes' handling of AAC audio files can crash the software or let a hacker run his own code if a user opened a malicious AAC, said the Apple security advisory. (ACC stands for Advanced Audio Coding, and is one of the file formats supported by iTunes.)

Danish vulnerability tracker Secunia rated the bug as "highly critical," its second-from-the-top ranking, but the flaw was reported to Apple by 3com's TippingPoint on April 7; TippingPoint paid for the vulnerability information through its Zero Day Initiative bounty program.

On Wednesday, Apple issued a security update for the Windows and Mac OS X editions of iTunes. The new 6.0.5 edition can be downloaded from the Apple Web site.\

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2020 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service