iTunes 8.1 update eliminates vulnerabilities
Apple's iTunes update 8.1 contains two bug fixes relevant to security. Attackers can remotely exploit vulnerabilities in previous versions to partially paralyse the music program or make it expose user data.
The first problem only affects the Windows version. When processing manipulated messages in DAAP (Digital Audio Access Protocol), the proprietary iTunes protocol for sharing media across a local network, the program can go into an endless loop, resulting in a denial of service.
The second bug, in both the Windows and the Mac OS X version, can occur when internet radio broadcasts or podcasts are accessed. Apple says that if a manipulated podcast server is contacted, a successful attack will cause an authentication dialogue to be displayed, asking for an iTunes user name and password to be entered. Any information entered in response, however, goes to the attacker, enabling them to guess the victim's other passwords. iTunes 8.1 has been modified to correctly identify the source of the prompt message.
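The fix described above comes down to a client-side policy: an authentication prompt must name the server that actually sent the challenge, and stored credentials must never be offered to a host other than the one they belong to. The following is an added illustration of that policy, not Apple's code and not taken from iTunes; the podcast URL, realm string and credential store are constructed sample values.

```python
"""Credential-prompt policy for a media client that fetches podcasts and radio streams.

Added example (not iTunes code). It models the defensive behaviour the article describes:
the prompt names the challenging origin, attacker-controlled text (the realm) is treated
as untrusted, and stored credentials are only auto-filled for their own origin.
"""
import re
from urllib.parse import urlsplit

# Constructed sample credential store, keyed by origin (scheme://host:port).
STORED_CREDENTIALS = {
    "https://store.example.com:443": {"username": "alice@example.com", "password": "hunter2"},
}


def origin_of(url):
    """Return the canonical origin of a URL; raise on anything that is not plain http(s)."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("unsupported URL: %r" % url)
    port = parts.port or (443 if parts.scheme == "https" else 80)
    return "%s://%s:%d" % (parts.scheme, parts.hostname.lower(), port)


def parse_challenge(header_value):
    """Parse a WWW-Authenticate value such as 'Basic realm="Podcasts"' into (scheme, params)."""
    m = re.match(r"\s*(\w+)\s*(.*)$", header_value)
    if not m:
        raise ValueError("malformed challenge")
    params = dict(re.findall(r'(\w+)\s*=\s*"([^"]*)"', m.group(2)))
    return m.group(1).lower(), params


def sanitize_untrusted(text, limit=40):
    """The realm is chosen by the server, so strip control characters and truncate it."""
    cleaned = "".join(ch for ch in text if ch.isprintable())
    return cleaned[:limit]


def decide_auth_prompt(request_url, status, headers, store=STORED_CREDENTIALS):
    """Decide what the client does with a response.

    Returns (action, detail) where action is one of:
      "no_auth"  - not a challenge, nothing to do
      "refuse"   - challenge the client will not answer
      "autofill" - stored credentials exist for this exact origin
      "prompt"   - ask the user, naming the real origin in the message
    """
    if status != 401:
        return "no_auth", None
    challenge = headers.get("WWW-Authenticate")
    if not challenge:
        return "refuse", "401 without WWW-Authenticate"
    scheme, params = parse_challenge(challenge)
    if scheme not in ("basic", "digest"):
        return "refuse", "unsupported authentication scheme %r" % scheme
    origin = origin_of(request_url)
    stored = store.get(origin)
    if stored:
        # Credentials are scoped to the origin that stored them, never to a realm string.
        return "autofill", {"origin": origin, "username": stored["username"]}
    realm = sanitize_untrusted(params.get("realm", ""))
    cleartext = scheme == "basic" and not origin.startswith("https://")
    message = (
        'The server %s is asking for a user name and password (it calls itself "%s"). '
        "Anything you enter will be sent to %s only." % (origin, realm, origin)
    )
    if cleartext:
        message += " This connection is not encrypted."
    return "prompt", {"origin": origin, "realm": realm, "cleartext": cleartext, "message": message}


if __name__ == "__main__":
    # Constructed: a podcast host replies 401 with a realm chosen to look like the store.
    action, detail = decide_auth_prompt(
        "http://podcasts.example.net/feed.xml",
        401,
        {"WWW-Authenticate": 'Basic realm="Apple iTunes Store"'},
    )
    print(action, detail["message"])
```

The important design choice is that the credential store is keyed by origin rather than by realm: the realm is a free-text string the challenging server picks, so a podcast host labelling itself "Apple iTunes Store" gets a prompt that names `podcasts.example.net`, and never receives the credentials stored for `store.example.com`.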
If they haven't already done so, iTunes users should install the new version as quickly as possible, either using the update function in Mac OS X or Windows, or by downloading the full updated package.
- About the security content of iTunes 8.1, advisory from Apple.