Current Activity - Apple Releases iTunes 9.2.1

[Current Activity <us-cert () us-cert gov>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Apple Releases iTunes 9.2.1

Original release date: July 20, 2010 at 7:54 am
Last revised: July 20, 2010 at 7:54 am


Apple has released iTunes 9.2.1 to address a vulnerability. This
vulnerability is due to improper handling of itpc URLs. itpc is the
protocol used by Apple iTunes for handling podcasts. By convincing a
user to access a specially crafted itpc URL, an attacker may be able
to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Apple article
HT4263 and update to iTunes 9.2.1 to help mitigate the risks
associated with this vulnerability.

Relevant Url(s):
<http://support.apple.com/kb/HT4263>

====
This entry is available at
http://www.us-cert.gov/current/index.html#apple_releases_itunes_9_21

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBTEWcCz6pPKYJORa3AQJI+wf+IH5QHq/TQwUQZe4ULoRmmwbOL4wP4lOf
RmyVe0jkgD7Scr28TVTUS435fBmkGSXYjCfhLrz34j9wfTB4qUPy2oioeEhfKZ8e
FvF8ZSaR98QByQga8d0t/ahFCMV4h7YlB0dffvRpSHsp2SuK1ymweYL75QcYjHua
vq6OKGpDb3DuqY17EIu0409AQaQT0/iHkFP+gOQ4/k9pY4zXndTjC15qgZaYtFUG
ca8pnY8WSA2aU+m/MCBxebiTeA17f5AfTDYGNvORpXYWURIvl5qmu8REN8aduV1Z
ZRDn1rSqRFFR5O27BUsD3KfqFD+ynUUAU7gilKOf1/K/3fw8OLVhiA==
=za4m
-----END PGP SIGNATURE-----