Thursday, March 26, 2009

Malware in iTunes podcasts may swipe passwords

Update your Apple's ITunes as soon as possible...

Apple notified customers in a Mar. 11 alert that a malicious podcast may steal your Apple iTunes credentials and expose your user ID and password. Normally, iTunes will notify you that updates are available, but if you don't see the notification, you can download the update manually from Apple's iTunes download page.

On Windows systems, an additional vulnerability impacts the Digital Audio Access Protocol, Apple's proprietary protocol for sharing media across a network. The hole could allow a Denial of Service attack.

No comments: