14 DAY TRIAL // A security breach of critical importance has been discovered end of last week in the latest version of iTunes, and should this breach be exploited it could allow an attacker to gain remote access to someone's vulnerable computer.
It's important to remind everybody that just a week ago, Apple released a security update for iTunes 6, the Windows version. The breach we refer to existed in the previous release of iTunes, but it wasn't addressed by this security update. Although at first, eEye security company announced this flaw exists in all iTunes versions, apparently it only checked out for Windows editions.
The flaw enables hackers to launch arbitrary code remotely, once a user clicks on a malicious Web site link or opens a malicious e-mail. According to the Apple tradition, the company hasn't made any official statements so far and will first conduct an investigation of its own, probably release a security update and only after will it address the media and the users.