Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Patch/Configuration Management, Incident Response, TDR, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Apple fixes iPhoto bug

Apple this week released a security update for iPhoto, patching a flaw that could allow remote code execution.

iPhoto version 7.1.2 fixes a format string vulnerability that can be exploited when an end-user processes photocast subscriptions.

A cyberattacker can take advantage of the flaw by enticing a user to subscribe to a maliciously crafted photocast, a media-sharing feature in iPhoto, Apple disclosed on Monday.

The Cupertino, Calif.-based technology company credited researcher Nathan McFeters of Ernst & Young's Advanced Security Center with reporting the flaw.

Apple released its most recent set of patches last month, distributing a new version of QuickTime to plug four vulnerabilities in the media player.

The same day, the computing and entertainment giant made public iPhone and iPod Touch versions 1.1.3, which fixed three flaws in the gadgets, including a bug in Safari, Apple's web browser.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.