Apple updates iTunes 8.2 for iPhone 3.0 (and more)

Stephen Withers
Tuesday, 02 June 2009 08:21

IT Industry - Development

The latest wave of updates from Apple include security fixes. The iTunes update also provides compatibility with iPhone 3.0, and there are also QuickTime and GarageBand updates.

Apple has updated iTunes and QuickTime for Mac and Windows, GarageBand (its Mac-only music program), and the MobileMe control panel for Windows.

The main change in iTunes is support for the iPhone and iPod touch with the iPhone 3.0 software. The new iPhone software is expected to be released at this month's Wordlwide Developers Conference (WWDC).

Apple also mentions "many accessibility improvements and bug fixes."

One of those bug fixes addresses a security flaw where a maliciously crafted itms: URL could trigger a stack overflow with the potential for arbitrary code execution.

The issue applies to the Mac and Windows versions of iTunes.

The QuickTime 7.6.2 update improves compatibility with Apple ProRes media files, provides better support for iTunes 8.2 (so you probably shouldn't update iTunes if there's some reason why you don't want to update iTunes at the same time), and multiple security fixes.

Ten security issues are patched by the update, and six of them were reported to Apple through Tipping Point's Zero Day Initiative (ZDI). Two others were reported by Secunia.

All ten flaws are triggered by opening maliciously crafted media files. The affected formats are Sorensen 3, FLC, PSD, PICT, MS ADPCM, JP2 (JPEG 2000), and movie files generally.

Find out more about the QuickTime flaws - along with details of the MobileMe and GarageBand updates - on page 2.