Apple on Thursday released iTunes 8.1, which includes a fix for a vulnerability that could lead to theft of usernames and passwords if a podcast containing malware were subscribed to.
The software update addresses a design issue in the iTunes podcast feature that made it possible for a subscription to a malicious podcast to cause an authentication dialog to be displayed that could prompt the user for log-in credentials to the podcast server, Apple's advisory said.
The issue affects Mac OS X v 10.4.10 and later. memphis newspaper The issue was reported by Simon Bellwood.
iTunes 8.1 also fixes a vulnerability that could allow maliciously crafted Digital Audio Access Protocol messages to cause a denial of service on computers running Windows XP or Vista. Fortinet's Fortiguard Global Security Research team is credited with discovering this bug.
memphis newspaper
3.30.2009
Author: tygoogle Time: 3/30/2009
Subscribe to:
Post Comments (Atom)
0 Comment:
Post a Comment