Apple has recently updated the Snow Leopard operating system to version 10.6.3. This update, which is rated as critical, comes with numerous fixes and improvements – and it plugs a grand total of 88 security holes. The Cupertino-based software developer has recently rolled out one other update: iTunes 9.1.
Just like Mac OS X 10.6.3, iTunes 9.1 comes with several new features and improvements. Here’s the lowdown:
From a security point of view, iTunes 9.1 comes with fixes for a total of 7 security vulnerabilities. Here’s the lowdown on these vulnerabilities:
Impact: Viewing a maliciously crafted image with an embedded color profile may lead to an unexpected application termination or arbitrary code execution.
Applies to: Windows 7, Vista, XP.
Credit: Sebastien Renaud of VUPEN Vulnerability Research Team.
Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.
Applies to: Windows 7, Vista, XP
Impact: Visiting a maliciously crafted website may result in sending data from Safari's memory to the website.
Applies to: Windows 7, Vista, XP.
Credit: Matthew 'j00ru' Jurczyk of Hispasec.
Impact: Visiting a maliciously crafted website may result in sending data from Safari's memory to the website.
Applies to: Windows 7, Vista, XP.
Credit: Matthew 'j00ru' Jurczyk of Hispasec.
Impact: Processing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.
Applies to: Windows 7, Vista, XP.
Credit: Gus Mueller of Flying Meat.
Impact: Importing a maliciously crafted MP4 file may lead to a denial of service
Applies to: Mac OS X v10.4.11 or later, Mac OS X Server v10.4.11 or later, Windows 7, Vista, XP
Credit: Sojeong Hong of Sourcefire VRT
Impact: A local user may be able to obtain system privileges during iTunes installation
Applies to: Windows 7, Vista, XP
Credit: Jason Geffner of NGSSoftware
If you would like to get iTunes 9.1, you can download it straight from Apple here.
Just like Mac OS X 10.6.3, iTunes 9.1 comes with several new features and improvements. Here’s the lowdown:
- Rename, rearrange and remove Genius Mixes. The feature that puts together a playlist composed of songs it thinks go well together was introduced in iTunes 9.0.
- Organize and sync books downloaded from iBooks on iPad or added to the iTunes library.
- Sync iTunes with iPad.
From a security point of view, iTunes 9.1 comes with fixes for a total of 7 security vulnerabilities. Here’s the lowdown on these vulnerabilities:
- Colorsync - CVE-2010-0040
Impact: Viewing a maliciously crafted image with an embedded color profile may lead to an unexpected application termination or arbitrary code execution.
Applies to: Windows 7, Vista, XP.
Credit: Sebastien Renaud of VUPEN Vulnerability Research Team.
- ImageIO - CVE-2009-2285
Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.
Applies to: Windows 7, Vista, XP
- ImageIO - CVE-2010-0041
Impact: Visiting a maliciously crafted website may result in sending data from Safari's memory to the website.
Applies to: Windows 7, Vista, XP.
Credit: Matthew 'j00ru' Jurczyk of Hispasec.
- ImageIO - CVE-2010-0042
Impact: Visiting a maliciously crafted website may result in sending data from Safari's memory to the website.
Applies to: Windows 7, Vista, XP.
Credit: Matthew 'j00ru' Jurczyk of Hispasec.
- ImageIO - CVE-2010-0043
Impact: Processing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.
Applies to: Windows 7, Vista, XP.
Credit: Gus Mueller of Flying Meat.
- iTunes - CVE-2010-0531
Impact: Importing a maliciously crafted MP4 file may lead to a denial of service
Applies to: Mac OS X v10.4.11 or later, Mac OS X Server v10.4.11 or later, Windows 7, Vista, XP
Credit: Sojeong Hong of Sourcefire VRT
- iTunes - CVE-2010-0532
Impact: A local user may be able to obtain system privileges during iTunes installation
Applies to: Windows 7, Vista, XP
Credit: Jason Geffner of NGSSoftware
If you would like to get iTunes 9.1, you can download it straight from Apple here.