Feeds

Apple fans besieged by iPhone Trojan and iTunes attack

iExploits

Choosing a cloud hosting partner with confidence

Apple fans are under attack on multiple fronts.

Security researchers have discovered an unpatched vulnerability in Apple's iTunes and QuickTime software that creates an opportunity to crash browser applications. The flaw might also open up a route to inject hostile code onto vulnerable systems, though this remains unproven.

Exploitation of the flaw in either case involves tricking surfers into opening a maliciously constructed QuickTime tag contained on a web page or embedded in an MP3 and video clip file. Security clearing house US CERT rates the buffer overflow-based flaw - which affects Apple QuickTime 7.5.5 and iTunes 8.0 - as a high risk bug.

Apple posted an update for QuickTime addressing earlier bugs only last week. The consumer electronic giant is yet to respond to the latest security flap involving its iTunes software, following the publication of an alert by US CERT on Thursday.

In other Apple-related security news, miscreants have disguised a Windows Trojan as a game for the Apple iPhone. The malware appears as an attachment in spam emails doing the rounds that appear with subject lines such as "Virtual iPhone games!" and "Apple: The most popular game!". Windows users credulous enough to open the infected attachment 'Penguin.Panic.zip' will end up loading the Agent-HNY Trojan onto their systems.

The malware has no effect when opened on either a Mac or Jesus Phone, as explained in a write-up of the attack of a Sophos security blog here. ®

Intelligent flash storage arrays

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.