- home
- reviews
- news
- downloads
- cnet tv
On The Insider: Britney's Bikini-Clad Top 10
- log in
- join CNET
- welcome,
- my profile
- log out

Comments on: Apple iTunes security flaw discovered

A vulnerability in software that helps manage iTunes could allow an attacker to launch arbitrary code.

Add a Comment (Log in or register) (14 Comments)

And So...

by SystemsJunky November 18, 2005 7:44 AM PST

It Begins. No company makes a perfect product...Oh wait...Apple made everything, including the heavens and the earth, nevermind.

Like this Reply to this comment

Dumbass
by privatec November 18, 2005 8:51 AM PST: Anyone who genuinely thinks Apple makes completely flawless
products is as big a fool as you obviously are. We're all
consumers folks, not clan members. We do not owe allegiance to
anyone.

A better response to this issue would be to ask how one actually
exploit the flaw if it is a remotely executable one and the only
remote thing that itunes accesses is the itunes music store? The
only other thing I can think of is the music library sharing
feature which we can all turn off if that's the only other way of
accessing iTunes remotely.

Being merely an educated user and not a Mac genius is there
anyone out there who knows any better?; Like this View reply Hide reply
Processing

is Windows only. Not OSX
by NeverFade November 19, 2005 8:53 AM PST: n/t; Like this

source

by jean.luc.picard November 18, 2005 8:35 AM PST

As in . . . a research firm has determined that cigarettes are not
harmful and addictive.
This firm sells security software. Would be surprised to learn that
they announce that they have found a security flaw? Not me.

Like this Reply to this comment

Yes indeed.
by privatec November 18, 2005 8:54 AM PST: I just looked up the eEye site and indeed their solution to the
problem is to buy their product.

Not proof of exaggeration but reason enough I think for doubting
their intentions.; Like this

So let me guess

by R. U. Sirius November 18, 2005 9:37 AM PST

The "solution" is to buy the security companies product(s), right?

What version(s) of iTunes does this impact? Have there been any real world reports of security breaches? How exactly are hackers supposed to get into my iTunes to begin with? Some salient details and facts would go a long way to supporting what is at present a somewhat dubious article.

Like this Reply to this comment

Good guess
by SystemsJunky November 18, 2005 10:29 AM PST: That goes for about 99% of the flaws in Windows as well.; Like this

Hmm

by November 18, 2005 9:56 AM PST

"The latest iTunes flaw, however, runs on all operating systems from Windows XP to Mac OS X".

Does this mean - GULP - OS X isn't perfect, after all ?

Havin read the report, it's in the Initial stage. So it'll be interesting to see how this develops.

"Description: A remotely exploitable flaw exists that allows arbitrary code to be executed in the context of the logged in user." - doesn't sound trivial (expecially if the arbitraty code was like "FORMAT C:").

Like this Reply to this comment

OS X?
by harry.callaghan November 18, 2005 11:30 AM PST: "Does this mean - GULP - OS X isn't perfect, after all ?"

Not yet. Look at original advisory:

Operating Systems Affected:
All Microsoft Operatins Systems.; Like this

OS X?

by Terry Murphy November 18, 2005 11:36 AM PST

According to the Cnet article, the flaw "runs" on all operating
systems (Mac and Windows)

However, the link to eEye (for the November 17, 2005 iTunes
vulnerability report EEYEB-20051117b) states:

"Operating Systems Affected:
All Microsoft Operatins (sic) Systems"

Now where do you see OS X in that statement?

Like this Reply to this comment

Typical CNet story
by BobBobBobBobBobBobBob November 18, 2005 12:55 PM PST: incomplete, FUD and will post advertising as news... lol; Like this View reply Hide reply
Processing