Apple iTunes security flaw

By Derek Sooman on
A critical vulnerability has been found in Apple Computer's popular iTunes, which if exploited by crackers could lead to a computer being remotely taken over, according to a warning issued by eEye Digital Security. The flaw has been discovered just days after Apple issued its security update for iTunes 6 for Windows. The flaw, which is present on the earlier version of iTunes 6 for Windows, and was not addressed by the newest security update, enables malevolent attackers to launch arbitrary code remotely, so long as a user clicks on a malicious Web site link or opens a malicious e-mail. Due to the vast popularity of the software, the potential for exploitation is huge.

An Apple representative was not available for comment, but the company has a policy of not discussing or confirming security issues until it has conducted an investigation and issued any needed patches, according a posting on its Web site.

eEye says it does not provide extensive details on security flaws until a vendor has released a patch to resolve the flaw.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.