EASTLondon
01-14-2005, 05:23 AM
By Matthew Broersma
eweek.com
Along with introducing a slew of new hardware and software on Tuesday, Apple Computer Inc. also quietly released an update for iTunes that fixes a serious security vulnerability found in both Windows and Mac OS X versions of the media player.
The update, iTunes 4.7.1, patches a bug in the way iTunes handles the common .m3u and .pls playlist files. A buffer overflow that occurs when a user attempts to play one of these files—often exchanged over the Internet as a way of organizing music tracks—can crash the player and execute malicious code on a user's system, company officials said.
The vulnerability, which merited a "highly critical (http://secunia.com/advisories/13804/)" rating from independent security research firm Secunia, affects Windows XP, Windows 2000 and Mac OS X systems. Apple security information and updates can be found on Apple's Web site (http://docs.info.apple.com/article.html?artnum=61798).
Besides the security fix, iTunes 4.7.1 also adds shuffle and photo features for the iPod, as well as performance improvements.
News Article Link (http://www.eweek.com/article2/0,1759,1750634,00.asp)
eweek.com
Along with introducing a slew of new hardware and software on Tuesday, Apple Computer Inc. also quietly released an update for iTunes that fixes a serious security vulnerability found in both Windows and Mac OS X versions of the media player.
The update, iTunes 4.7.1, patches a bug in the way iTunes handles the common .m3u and .pls playlist files. A buffer overflow that occurs when a user attempts to play one of these files—often exchanged over the Internet as a way of organizing music tracks—can crash the player and execute malicious code on a user's system, company officials said.
The vulnerability, which merited a "highly critical (http://secunia.com/advisories/13804/)" rating from independent security research firm Secunia, affects Windows XP, Windows 2000 and Mac OS X systems. Apple security information and updates can be found on Apple's Web site (http://docs.info.apple.com/article.html?artnum=61798).
Besides the security fix, iTunes 4.7.1 also adds shuffle and photo features for the iPod, as well as performance improvements.
News Article Link (http://www.eweek.com/article2/0,1759,1750634,00.asp)