Apple Patches iTunes MPEG Decoding Flaw
If you use iTunes, well first of all you have my sympathy. Secondly... you may like to know that Apple have updated it to patch up a vulnerability.
Quote:
The iTunes flaw, affecting versions of the software up to 4.8, involves the way the application parses MPEG-4 files, such as the AAC (Advanced Audio Coding) files sold on the iTunes Music Store. A buffer overflow could be exploited by malicious MPEG-4 files to cause iTunes to crash or execute malicious code.
[eWeek]