Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

iTunes < 10.5.1 Update Authenticity Verification Weakness



The remote host contains an application that is vulnerable to multiple attack vectors.


The remote host has iTunes installed, a popular media player for Windows and Mac OS.

Versions of iTunes earlier than 10.5.1 use an unsecured HTTP connection when checking for or retrieving software updates, which could allow a man-in-the-middle attacker to provide a Trojan horse update that appears to originate from Apple.


Upgrade to iTunes 10.5.1 or later.