Critical Infrastructure Security, Patch/Configuration Management, Vulnerability Management

Apple releases mammoth iTunes update

Apple on Tuesday released an update to its iTunes software to repair a whopping 79 vulnerabilities. Most of the flaws are memory corruption issues found in WebKit, an open source web browser engine that helps render the iTunes Store. In the case of those bugs, adversaries could launch a man-in-middle attack while a user browses the store, which may lead to malicious code execution. The other holes patched by upgrading to iTunes 10.5 lie in CoreFoundation, ColorSync, CoreAudio, CoreMedia and ImageIO.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.