http://news.bbc.co.uk/1/hi/technology/4184887.stm 18 January, 2005 Users of Apple's music jukebox iTunes need to update the software to avoid a potential security threat. Hackers can build malicious playlist files which could crash the program and let them seize control of the computer by inserting Trojan code. A new version of iTunes is now available from the Apple website which solves the problem. Security firm iDefence, which notified users of the problem, recommended that users upgrade to iTunes version 4.7.1. The problem affects all users of iTunes - Windows and Mac OS - running versions 4.7 and earlier. Users can automatically upgrade iTunes by opening the "look for updates" window in the program. The security firm says users should avoid clicking on or accessing playlist files - which have the file extension of .pls or .m3u - which have come from unknown sources. Itunes is the world's most popular online music store with more than 200 million songs downloaded since it launched in 2003. _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
This archive was generated by hypermail 2.1.3 : Wed Jan 19 2005 - 01:21:06 PST