Symantec and Sophos warn of the dangers associated with certain Apple products

29th September 2008

Information security specialists warn about the discovery of serious vulnerabilities in applications QuickTime and iTunes.
The record in the National Vulnerability Database of USA indicates the possibility of an attack using the heap overflow method in the applications of QuickTime 7.5.5 and iTunes 8.0.
Symantec specialists are currently exploring the found vulnerabilities. Meanwhile, the experts can not offer users any reliable way to avoid the threat, but they recommend being cautious when surfing the net and uninstall the plugin QuickTime.
Apple representatives so far have not commented on the situation.
Experts of the company Sophos warn about the spam campaign, initiators of which distribute the Trojan under the guise of a popular game for iPhone.
Such e-mail messages as “Virtual iPhone games!”, “Apple: The most popular game!” and other of the same type, are attached with the archive “Penguin.Panic.zip” “containing” the popular game. Actual contents of the archive had been identified by Sophos as the Trojan “Troj/Agent-HNY”, attacking machines under Windows. No similar versions for Mac OS X have been found by Sophos experts so far.