(September 6, 2007)
Apple has released updates for both the OS X and Windows versions of
iTunes to address a remote code execution vulnerability in version 7.4
of the media player. The flaw lies in the cover art display system and
could be exploited via a maliciously crafted file.
http://www.vnunet.com/vnunet/news/2198233/apple-slips-security-fix-itunes
[Editor's Note (Skoudis): I was just commenting at lunch yesterday to a
friend how "Cover Flow", the animated view of album covers in iTunes,
is propagating to almost every Apple product: the new iPods (Nano,
Classic, Touch), the iPhone, and even the new Mac OS X version, 10.5.
The latter, codenamed Leopard, has Cover Flow as a file view option in
the Mac Finder, for looking at files in directories, whether they are
music-related or not. I'm hoping they clean up any Cover Flow
vulnerabilities in all of the products where they exist. This
vulnerability illustrates the dangers of code sharing across products,
and how carefully such shared code needs to be reviewed. This kind of
reminds me of the GDI+ DLL fiasco in 2004 with the JPEG flaw in
Windows.]