Sophos Cloud Optix
Apple released a mammoth update to iTunes for Windows today bumping the version number to 10.5. The update fixes 79 vulnerabilities in iTunes, although not for Mac OS X users.
The largest number of fixes, 73, affect WebKit and could cause remote code execution. WebKit is used to render HTML content from the iTunes store.
Fortunately these vulnerabilities can only be exploited through a man-in-the-middle attack while using iTunes.
Other fixes resolve remote code execution flaws in CoreFoundation, ColorSync, CoreAudio, CoreMedia and ImageIO.
According to SANS Internet Storm Center, Apple will be releasing fixes for OS X users as part of the yet unreleased updates for 10.6 (Snow Leopard) and 10.7 (Lion). Users of OS X 10.5 and earlier will be left unprotected.
iTunes 10.5 for OS X is available as well, but only includes new features, not security fixes. iTunes 10.5 introduces iCloud support, wireless syncing and support for iOS 5.
One piece of good news is that iTunes no longer requires QuickTime on Windows machines. If you don’t need/want QuickTime this might be a great opportunity to remove it, reducing the number of applications you need to keep patched.
I hope we see an update for Mac OS X soon as Apple still have not fixed the six week old directory services vulnerability and the three week old password change vulnerability.
If you are a Mac user interested in protecting your computer consider downloading our Sophos Anti-Virus for Mac Home Edition for free protection from viruses, Trojans and other malware.
How about Quicktime users? Still no patch for Quicktime (or it's not affected).
I use Quicktime and NOT itunes and I'm annoyed for constantly having itunes pushed to my face (listed as one of the software I need to "update/install" in Apple Software update).
looks like they've pulled this link already – and have a "10.5 coming soon" message on their website..
so that's only for itunes users..but thanks for the inforamation anyhow.
i Tunes 10.5 is problems with XP, it uses 100 % CPU when started, i cant find the problem, installing it again dos not help!!
I am having MULTIPLE problems with 10.5
1) won't load iTunes store
2) try to sync my iPhone and update to iOS5 and it freezes
3) CPU usage jumps to 100% and freezes everything else
4) won't shut down – have to bring up Task Manager to shut the program down
Anyone got any ideas for fixes? Tried un- and re-installing with no change.