|Not a member? Sign up now!|
Think that Apple Macintosh doesn't have viruses? Do you believe the marketing? Recent vulnerabilities released indicate that man in the middle, remote attacks and denial of service attacks, while not confirmed actively in use in the wild, are exposing every iTunes user that uses the software. The consequence is that if you have itunes loaded, your windows platform and antivirus might not thrawt an attack or to be to blame when your information leaks, when your system crashs, or acts expectedly.
The usual advice applies, use software from companies with a defined Security Development Lifecycle (SDL) and ensure users use only safe software on business computers.
Apple released information on http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html.
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other vulnerabilities listed in APPLE-SA-2011-10-11-1.