In association with heise online

19 April 2011, 09:40

iTunes 10.2.2 closes security holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit


Zoom
Apple has released version 10.2.2 of its popular iTunes media player software, a maintenance and security update that addresses a number of bugs and fixes two security vulnerabilities. According to Apple, version 10.2.2 corrects two issues in the WebKit browser engine used by iTunes that could lead to arbitrary code execution via a man-in-the-middle attack while browsing the iTunes Store.

Only the Windows version of iTunes is affected. Apple fixed the same issues on Mac OS X systems via the recent Safari 5.0.5 update. The latest iOS updates from earlier this month also corrected the same problems in Apple's iPhone, iPad and iPod Touch devices.

In addition to closing the above security vulnerabilities, the iTunes update also fixes problems that could cause the application to become unresponsive when syncing an iPad. Other changes include updates that prevent video previews on the iTunes Store from skipping while playing, iOS photo syncing improvements and various bug fixes that improve the overall stability and performance of iTunes.

Version 10.2.2 of iTunes is available to download for Windows (32- and 64-bit) and Mac OS X 10.5 or later. Alternatively, Mac OS X users can upgrade to the latest release via the built-in Software Update function. All users are advised to upgrade as soon as possible.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-1229838
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit