{"id":14409,"date":"2013-05-16T15:01:14","date_gmt":"2013-05-16T22:01:14","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=14409"},"modified":"2016-10-06T12:05:40","modified_gmt":"2016-10-06T19:05:40","slug":"apple-updates-itunes-to-address-multiple-vulnerabilities","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/","title":{"rendered":"Apple Updates iTunes to Address Multiple Vulnerabilities"},"content":{"rendered":"<p>Apple has released a <a href=\"http:\/\/support.apple.com\/kb\/HT5766\">new version of iTunes<\/a> for Macintosh and Windows platforms. These software updates fix a combined 40 bugs with 1 flaw resolved in iTunes for Mac OS X v10.6.8 or later, Windows 7, Vista, XP SP2 or later and an additional 39 flaws resolved just for Windows 7, Vista, XP SP2 or later.<\/p>\n<p><a href=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/05\/iTunes-11.0.3-software-update.png\"><img loading=\"lazy\" class=\"aligncenter size-full wp-image-14417\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/05\/iTunes-11.0.3-software-update.png\" alt=\"iTunes 11.0.3 security update\" width=\"604\" height=\"626\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/05\/iTunes-11.0.3-software-update.png 604w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/05\/iTunes-11.0.3-software-update-144x150.png 144w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/05\/iTunes-11.0.3-software-update-289x300.png 289w\" sizes=\"(max-width: 604px) 100vw, 604px\" \/><\/a><\/p>\n<p>The iTunes versions available for Mac OS X v10.6.8 or later, Windows 7, Vista, XP SP2 or later addresses a vulnerability in which an attacker in a privileged network position may manipulate HTTPS server certificates, leading to the disclosure of sensitive information. According to Apple\u2019s description, a certificate validation issue existed in iTunes and in certain contexts, an active network attacker could present untrusted certificates to iTunes and they would be accepted without warning. This issue was resolved by improved certificate validation.<\/p>\n<ul>\n<li>CVE-2013-1014<\/li>\n<\/ul>\n<p>The iTunes versions available for Windows 7, Vista, XP SP2 or later addresses a vulnerability in which a man-in-the-middle attack that occurs while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution. Multiple memory corruption issues existed in WebKit that were addressed through improved memory handling.<\/p>\n<ul>\n<li>CVE-2012-2824, CVE-2012-2857, CVE-2012-3748, CVE-2012-5112, CVE-2013-0879, CVE-2013-0912, CVE-2013-0948, CVE-2013-0949, CVE-2013-0950, CVE-2013-0951, CVE-2013-0952, CVE-2013-0953, CVE-2013-0954, CVE-2013-0955, CVE-2013-0956, CVE-2013-0958, CVE-2013-0959, CVE-2013-0960, CVE-2013-0961, CVE-2013-0991, CVE-2013-0992, CVE-2013-0993, CVE-2013-0994, CVE-2013-0995, CVE-2013-0996, CVE-2013-0997, CVE-2013-0998, CVE-2013-0999, CVE-2013-1000, CVE-2013-1001, CVE-2013-1002, CVE-2013-1003, CVE-2013-1004, CVE-2013-1005, CVE-2013-1006, CVE-2013-1007, CVE-2013-1008, CVE-2013-1010, CVE-2013-1011<\/li>\n<\/ul>\n<p>Users of iTunes 11.0.2<b> <\/b>and earlier versions for Mac and Windows should download and install the update to <a href=\"http:\/\/support.apple.com\/kb\/DL1614\">iTunes 11.0.3<\/a> from the Downloads page or through the software\u2019s update function.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Apple has released a new version of iTunes for Macintosh and Windows platforms. These software updates fix a combined 40 bugs with 1 flaw resolved in iTunes for Mac OS X v10.6.8 or later, Windows 7, Vista, XP SP2 or later and an additional 39 flaws resolved just for Windows 7, Vista, XP SP2 or [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":8801,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[5,11],"tags":[3151,71,201],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"Apple has released a new version of iTunes for Macintosh and Windows platforms. These software updates fix a combined 40 bugs with 1 flaw resolved in\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Apple Updates iTunes to Address Multiple Vulnerabilities - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"Apple has released a new version of iTunes for Macintosh and Windows platforms. These software updates fix a combined 40 bugs with 1 flaw resolved in\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2013-05-16T22:01:14+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2016-10-06T19:05:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/itunes-thumb.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"260\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lysa Myers\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/itunes-thumb.jpg\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/itunes-thumb.jpg\",\"width\":\"400\",\"height\":\"260\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/\",\"name\":\"Apple Updates iTunes to Address Multiple Vulnerabilities - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#primaryimage\"},\"datePublished\":\"2013-05-16T22:01:14+00:00\",\"dateModified\":\"2016-10-06T19:05:40+00:00\",\"description\":\"Apple has released a new version of iTunes for Macintosh and Windows platforms. These software updates fix a combined 40 bugs with 1 flaw resolved in\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Apple Updates iTunes to Address Multiple Vulnerabilities\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a\"},\"headline\":\"Apple Updates iTunes to Address Multiple Vulnerabilities\",\"datePublished\":\"2013-05-16T22:01:14+00:00\",\"dateModified\":\"2016-10-06T19:05:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#webpage\"},\"wordCount\":302,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/itunes-thumb.jpg\",\"keywords\":[\"Apple\",\"iTunes\",\"Security Updates\"],\"articleSection\":[\"Security News\",\"Software &amp; Apps\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a\",\"name\":\"Lysa Myers\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g\",\"caption\":\"Lysa Myers\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/lysam\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"Apple has released a new version of iTunes for Macintosh and Windows platforms. These software updates fix a combined 40 bugs with 1 flaw resolved in","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/","og_locale":"en_US","og_type":"article","og_title":"Apple Updates iTunes to Address Multiple Vulnerabilities - The Mac Security Blog","og_description":"Apple has released a new version of iTunes for Macintosh and Windows platforms. These software updates fix a combined 40 bugs with 1 flaw resolved in","og_url":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/","og_site_name":"The Mac Security Blog","article_published_time":"2013-05-16T22:01:14+00:00","article_modified_time":"2016-10-06T19:05:40+00:00","og_image":[{"width":"400","height":"260","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/itunes-thumb.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Lysa Myers","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/itunes-thumb.jpg","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/itunes-thumb.jpg","width":"400","height":"260"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/","name":"Apple Updates iTunes to Address Multiple Vulnerabilities - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#primaryimage"},"datePublished":"2013-05-16T22:01:14+00:00","dateModified":"2016-10-06T19:05:40+00:00","description":"Apple has released a new version of iTunes for Macintosh and Windows platforms. These software updates fix a combined 40 bugs with 1 flaw resolved in","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Apple Updates iTunes to Address Multiple Vulnerabilities"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a"},"headline":"Apple Updates iTunes to Address Multiple Vulnerabilities","datePublished":"2013-05-16T22:01:14+00:00","dateModified":"2016-10-06T19:05:40+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#webpage"},"wordCount":302,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/itunes-thumb.jpg","keywords":["Apple","iTunes","Security Updates"],"articleSection":["Security News","Software &amp; Apps"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/apple-updates-itunes-to-address-multiple-vulnerabilities\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a","name":"Lysa Myers","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g","caption":"Lysa Myers"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/lysam\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/itunes-thumb.jpg","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-3Kp","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/14409"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=14409"}],"version-history":[{"count":8,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/14409\/revisions"}],"predecessor-version":[{"id":57970,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/14409\/revisions\/57970"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/8801"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=14409"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=14409"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=14409"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}