toggle

AAPL Stock: 94.72 ( + 0.78 )

Printed from http://www.macnn.com

Vulnerabilities patched in iTunes, Quicktime, more

updated 07:20 pm EDT, Tue September 9, 2008

Apple app issues patched

Supplemental to the plethora of Apple software releases on Tuesday, Apple noted that iTunes 8.0, Quicktime 7.5.5, Bonjour for Windows 1.0.5, and the iPod touch 2.1 OS updates offer various security fixes as well. iTunes 8.0 resolves a vulnerability on the Mac side that results in an erroneous Firewall warning dialogue, while the Windows side saw a fix pertaining to system privileges. iTunes 8.0 is available for download from Apple's website.

Quicktime 7.5.5 saw the majority of fixes, with nine issues catalogued, split between the Mac and PC software. The majority of issues relate to maliciously crafted QTVR or movie files leading towards arbitrary code execution, or similar. PICT-formatted image files also could be used to exploit the vulnerability, a problem that was also patched.

Bonjour for Windows 1.0.5 resolved problems with maliciously crafted ".local" domain names, as well as an issue that allowed users to spoof DNS information. The second vulnerability was preemptively resolved, since Apple claims that there are no known applications capable of making use of the issue.

iPod touch 2.1 introduces a few fixes related to CoreGraphics, mDNSResponder, networking, WebKit, and the Application Sandbox environment. Most problems related session highjacking, arbitrary code execution, DNS cache poisoning, and improper handling of files.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Razer Kraken Pro headset

Gaming headphones are a challenge to get right, for a long list of reasons that are unique to the consumer buying them. Some shoppers ...

Patriot Aero Wireless Mobile Drive

Regardless of how large a tablet you buy, you always want more space. There's always one more movie or another album you'd cram on, ...

Patriot Fuel+ 6000 and 9000mAh batteries

Mobile device batteries are better than they used to be, but there's always a scenario where users could use more juice. Upgrade manu ...

toggle

Most Commented