Apple plugs critical iTunes security hole

Apple has shipped a critical iTunes update to fix a security vulnerability that exposes Windows users to malicious hacker attacks.

Apple has shipped a critical iTunes update to fix a security vulnerability that exposes Windows users to malicious hacker attacks.

The latest iTunes 9.2.1 is available for Windows XP, Windows Vista and Windows 7.

From Apple's advisory:

A buffer overflow exists in the handling of "itpc:"URLs. Accessing a maliciously crafted "itpc:" URL may lead to anunexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking.

The patched iTunes 9.2.1 is available from Apple's download website.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All