In association with heise online

23 September 2009, 10:10

Apple plugs critical vulnerability in iTunes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Apple has released iTunes version 9.0.1 for Mac OS X and Windows. It fixes various bugs and one critical security vulnerability when processing playlists.

According to Apple, stability when synchronising programs for the iPod touch and iPhone and synchronising podcasts in playlists has been improved. The new version also fixes problems sorting multi-CD albums and a problem that caused unexpected crashes.

The security vulnerability allows attackers to use crafted playlists (*.pls) to trigger a buffer overflow, allowing code to be injected into and executed on a user's system. The update, which is just under 83 MB in size, can be downloaded from the Apple website or via Apple's Software Update system.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit