A vulnerability within QuickTime 7.5.5 and iTunes 8.0 has been uncovered by security researchers, and given a CVSS Severity rating of 9.3 (high) by the National Vulnerability Database.
The flaw in security is being exploited by malicious code hidden inside embedded MP3 files on web pages and through a long type attribute in a QuickTime tag. According to the VND, the security gap is a "Heap-based buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 [that] allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code."
So far there's been no response from Apple regarding the bug, though only last week it addressed other bugs in the QuickTime system.
People are also being warned against an email that offers 'Virtual iPhone games!" and sometimes contains the subject line "Apple: The most popular game!". The email attachment (Penguin.Panic.zip) has been confirmed to contain the malware listed as Agent-HNY Trojan, so caution is advised when it comes to Apple related messages and websites for the time being.
Top Stories
Feature
May 17th, 2024
New release roundup: The best new mobile games from a battle royale to a console classic remake
Feature
May 16th, 2024
Behind the scenes: How adding sandwich offers to an idle merge game boosted three metrics at once
Events
Digital Dragons | Europe | May 19th |
GamesBeat Summit 2024 | North America | May 20th |
Mobidictum Meetup Tallinn May 2024 | Europe | May 21st |
Nordic Game Spring 2024 | Nordic | May 21st |
Impact 2024 - Indie Games | May 23rd | |
Morocco Gaming Expo | Africa | May 24th |
MomoCon 2024 | North America | May 24th |
Unreal Fest Gold Coast 2024 | Australasia | May 29th |
Popular Stories
Feature
May 14th, 2024
53 top mobile games in soft launch: Squad Busters, Battle Guys: Royale, Plants vs. Zombies 3, LEGO Hill Climb Adventures, and more
Feature
May 13th, 2024
Hot Five: Dubai's new Gaming Visa, April's mobile game charts, and Xbox studio closures
Feature
May 14th, 2024