iTunes massive patch but worry about old Java installations.

September 18th, 2012 by Stephen Jones Leave a reply »

To fix 163 issues a massive patch was recently published  to WebKit, an open source technology for rendering HTML used by iTunes and many other applications, including Safari, Google’s Chrome, and Yahoo Messenger.

The major incidents that have impacted users of the Mac OS X operating system target vulnerabilities in the Java platform.  The good news is Qualys did not find any issues that seemed particularly critical. 

The latest security update moves iTunes to version 10.7. The company announced on Wednesday that in October it would update the program with user interface changes to put the content front and center.

The most exploited attack vectors,areoutdated PDF readers and old Java installations.

Recent attacksfocused on exploiting Javae,g this month, , Oracle rushed out a patch to fix a flaw in the Java runtime environment that allows an attacker to take control of a Windows, Mac, or Linux system with no actions on the part of the user, aside from visiting a website with a Java-enabled browser. Earlier this year, the Flashback trojan infected some 600,000 Mac OS X systems using a vulnerability in Java.


Leave a Reply

You must be logged in to post a comment.