Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple iTunes Hit With a New Critical Flaw

Posted by Zonk on Tuesday May 10, 2005 @07:18AM from the watch-what-you-listen-to dept.

Jameson writes "Apple has released a new iTunes version to correct a security vulnerability reported by Mark Litchfield. FrSIRT and Secunia marked the flaw as "critical", because it can be exploited by malicious people to compromise a user's system via maliciously-crafted MPEG4 file. iTunes 4.8 addresses this issue by improving the validation checks used when loading MPEG4 files."

3 of 44 comments (clear)

Min score:

Reason:

Sort:

FrSIRT? by commodoresloat · 2005-05-10 07:29 · Score: 3, Funny

Did they get the FrSIRT post in when they published this vulnerability?
oh no by fulldecent · 2005-05-10 07:48 · Score: 4, Funny

This is devastating! I need this fixed yesterday.

--
-- I was raised on the command line, bitch
The Difference Between Apple & Microsoft Patch by Cr0w+T.+Trollbot · 2005-05-10 09:33 · Score: 1, Funny

Time between Apple vulnerability being found and patched: Measured with a stopwatch.
Time between Microsoft vulnerability being found and patched: Measured by counting redwood tree rings.

Alternately, we could measure Microsoft's patch time by the number of spam e-mails an unpatched zombie system sends out. "Wow, Microsoft patched that security hole after only 9,000,000 SoBigs! They're really improving!"

Crow T. Trollbot