Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Apple fixes critical iTunes code bug

Apple fixes critical iTunes code bug

by Nikola Strahija on May 12th, 2005 A bug in code used by iTunes 4.X to parse MPEG-4 files was discovered last week, it allows maliciously-crafted media files to crash vulnerable versions of the application.


In the process, hostile code can be injected into vulnerable systems. iTunes users are advised to update to version 4.8, which features improved validation checks, to guard against possible exploitation.

Danish security reporting firm Secunia rates the iTunes bug as "highly critical". Exploitations of both Mac OS and Windows machines running iTunes is possible - providing an attacker tricks a user into opening a malicious MPEG-4 file with a vulnerable version of iTunes.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »