Security flaw found in iTunes and QuickTime
Apple has
announced a security flaw has been found in the latest version of iTunes 6.0.1 and 6.0.2, as well as QuickTime 7.0.3
and 7.0.4 that affects both Mac OS X and Windows. The flaw could allow an attacker to run code as the currently logged
in user, which is typically worse news for Windows users, but is still not something Mac user should take lightly.While Apple is working on a patch, I thought this sentence from a PC Pro article was somewhat interesting: "[Apple] will have around two months to issue a suitable fix before it comes under pressure, as the flaw is only at the initial report stage of the process." I wonder what exactly that means - is there some kind of industry consensus that has to be met? Or do they just mean that most people who exploit flaws like this don't use RSS readers and won't find out about the flaw for a month or two? Hopefully, we won't have to find out.
[via MacMinute]
Share
Apple has announced a security flaw has been found in the latest version of iTunes 6.0.1 and 6.0.2, as well as QuickTime 7.0.3 and 7.0.4...
Add a Comment
Holger
Yeah, its kinda best practice to send security flaws to the company who can fix it before making it public - at least if you are a white head ;-)
March 13 2006 at 11:02 PM Report abuse Permalink rate up rate down Reply
Jehan
The latest version of iTunes is 6.0.4. Is that affected, or not? I'm a bit confused.
March 13 2006 at 5:31 PM Report abuse Permalink rate up rate down Reply
Martyn
I just got a security update on Software Update for my Power PC iMac - but I don't think it's related...
March 13 2006 at 5:30 PM Report abuse Permalink rate up rate down Reply
3 Comments