Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple iTunes Security Flaw Discovered?

Posted by Zonk on from the unfortunate-song dept.

brajesh writes "CNET News.com is reporting that a critical vulnerability has been found in some versions of Apple's popular iTunes that could allow attackers to remotely take over a user's computer, according to a warning issued by eEye Digital Security, a security research firm. The latest iTunes flaw affects all operating systems from Windows XP to Mac OS X, according to the advisory. The discovery of this latest flaw comes days after Apple issued its iTunes 6 for Windows security update."

18 of 207 comments (clear)

  1. Inconceivable! by stupidfoo · · Score: 4, Funny

    A security flaw in an Apple product? That's inconceivable!

    1. Re:Inconceivable! by paranode · · Score: 2, Funny
      The latest iTunes flaw affects all operating systems from Windows XP to Mac OS X

      And here I thought I would avoid these problems with BeOS.

    2. Re:Inconceivable! by paranode · · Score: 4, Funny

      You better shut your iHole!

  2. So by voice_of_all_reason · · Score: 2, Funny

    I just tried to get quicktime today, and now it comes with mandatory itunes.

    (insert wah-wah-wah-waaaaaah sound)

    What is it with companies shooting themselves in the foot this week?

  3. And The Score Is... by RapidEye · · Score: 5, Funny

    Apple Hackers: 1
    Linux Hackers: 2
    Windows Hackers: 134,443,229

    You guys still got a ways to go... =-)

    --
    "Murderer? Well, that's a harsh word. I prefer to think of myself as a Mortality Technician."
  4. Re:AllofMP3 by Anonymous Coward · · Score: 1, Funny

    Yeeeeeeaaah, I don't trust Apple. I'll just send my credit card details to Russia. Errrr, yeeeah. That's the ticket.

  5. Re:Wow. No Kidding. by Xarius · · Score: 2, Funny

    Wow. Software has flaw allowing remote hackery. This seems to be pretty typical of just about any piece of software written these days (or any days.)

    Except for the thousands of software applications that don't have network functionality! ;)

    --
    C17H21NO4
  6. Be funnier if... by Anonymous Coward · · Score: 3, Funny

    Apple Hackers: 1
    Linux Hackers: 2
    Windows Hackers: Buffer Overflow

  7. you're right, only Microsoft Operatins Systems by digitaldc · · Score: 2, Funny

    Where are the spelling nazis when you need them?

    --
    He who knows best knows how little he knows. - Thomas Jefferson
  8. Re:Awesome by geekoid · · Score: 4, Funny

    Wow, you found a perfect and non-exploitable piece of saoftware.
    Tell me, was it made by Pixies, or Fairies?

    --
    The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  9. critical vulnerability of the week by digitaldc · · Score: 4, Funny

    This new critical vulnerability was discovered when it was found that someone turned their computer to 'ON' thereby leaving it vulnerable to crackers, hackers, script kiddies and bots. The fact that a human was operating the PC deemed it especially 'critical.'

    --
    He who knows best knows how little he knows. - Thomas Jefferson
  10. tragedy by Anonymous Coward · · Score: 2, Funny

    Ohhh!! NOOO!!!

      Someone just exchanged all of my music for the complete ABBA!!!

        AAAUUUUGGGGHHHH!!!!

  11. Re:Only as root by Anonymous Coward · · Score: 1, Funny

    What was it like? Did angels sing?

  12. Ah, the old Macdonald exploit... by g0at · · Score: 5, Funny

    Is this a case of eEye E-I/O?

    -b

    --
    myselfmusic
  13. Re:Only as root by Morgalyn · · Score: 3, Funny

    A beam of glittering gold light came down on the keys, even though I had a roof over my head, and I heard this beautiful chorus of voices...

    --
    You say you got a real solution
    Well, you know
    We'd all love to see the plan
    (The Beatles)
  14. Doesn't effect OS X. by JackAxe · · Score: 2, Funny

    Waffles, they smell good and tast great.

  15. Really severe vulnerability by gnasher719 · · Score: 2, Funny

    The way I understand this (from the one line in the CNet report), if you install malicious.exe on Windows or malicious.app on MacOS X, and then you go and rename malicious.exe to iTunes.exe or malicious.app to iTunes.app and then set up things in a certain way, it is possible that some code trying to launch iTunes would launch the malicious app, now called iTunes.

    Be afraid. Be very afraid. The world is coming to an end.

  16. eEye, eEye, Oh... by Warlock7 · · Score: 2, Funny

    ...and sometimes, why bother?

    Nothing to see here, move along. Sounds like this CRITICAL vulnerability isn't much of a vulnerability and isn't very critical...