A vulnerability within QuickTime 7.5.5 and iTunes 8.0 has been uncovered by security researchers, and given a CVSS Severity rating of 9.3 (high) by the National Vulnerability Database.
The flaw in security is being exploited by malicious code hidden inside embedded MP3 files on web pages and through a long type attribute in a QuickTime tag. According to the VND, the security gap is a "Heap-based buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 [that] allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code."
So far there's been no response from Apple regarding the bug, though only last week it addressed other bugs in the QuickTime system.
People are also being warned against an email that offers 'Virtual iPhone games!" and sometimes contains the subject line "Apple: The most popular game!". The email attachment (Penguin.Panic.zip) has been confirmed to contain the malware listed as Agent-HNY Trojan, so caution is advised when it comes to Apple related messages and websites for the time being.
Top Stories
News
11 hours, 42 minutes ago
Supercell’s Squad Busters ranks No. 1 for App Store game downloads in all soft launch countries
Feature
Apr 23rd, 2024
King’s Trevor Burrows on the power of art: "We could see our numbers literally dropping"
Feature
Apr 22nd, 2024
Tjodolf Sommestad talks AI, tips for indie devs, and a day in the life of King's president
Events
App Promotion Summit London | Europe | Apr 25th |
Esports Future Summit | Middle East | Apr 27th |
Dubai GameExpo Summit 2024 | Middle East | May 1st |
The MENA Games Industry Awards 2024 | Middle East | May 2nd |
GameDev Atlantic 2024 | May 4th | |
Mobidictum Meetup Berlin May 2024 | Europe | May 7th |
Mobidictum Meetup Tallinn May 2024 | Europe | May 21st |
Israel Mobile Summit 2024 | Middle East | Jun 6th |
Popular Stories
News
Apr 17th, 2024
Monopoly GO! celebrates its first birthday and shares its behind-the-scenes story
News
Apr 23rd, 2024