Apple fixes security flaws, adds features in iTunes update
Apple Inc. updated iTunes Wednesday, fixing a pair of security vulnerabilities, adding support for the new line of iPod Shuffles and boosting performance when loading large libraries and browsing the online store.
The two bugs -- one in both the Mac and Windows versions, the second only in iTunes for Windows -- could be used by attackers to steal iTunes usernames and passwords or lock up the program, respectively. Apple said that the identity theft vulnerability could be triggered by offering a user a subscription to a malicious podcast.
Neither vulnerability could be exploited with what Apple usually describes as "arbitrary code execution," its phrase for the most serious type of attacks that leave a computer under hacker control.
iTunes 8.1 also includes several new features and tweaks. Among the former, Apple has added controls that let parents restrict their children's purchases by movie, TV and game ratings, block all explicit content or disable the store entirely.
The update also offers importing tracks from CDs at the higher 256Kpbs bit-rate -- Apple calls it "iTunes Plus" since that's also the quality level of tracks sold sans digital rights management (DRM) protection -- and extends the Autofill feature to all iPods, not just the entry-level line of Shuffles.
Using Autofill, iTunes crams the iPod with songs from its library, or selects them from a specific playlist, picking them randomly or adding higher-rated tunes more frequently.
iTunes 8.1 also renames the former "Party Shuffle" feature as "iTunes DJ," and enables iPhones and iPod Touch devices that have Apple's Remote app installed to act as "guests" who are allowed to select songs for the play rotation. If there are multiple guests, all picking songs, majority vote rules. iTunes can be set to send each guest a welcome message, enable voting, and require a password before gaining access to the feature.
The update also provides support for the VoiceOver,, the feature in the just-launched iPod Shuffles that speaks track titles, artists and playlist names. iTunes generates the speech on the PC or Mac, then feeds it to the iPod Shuffle when it's synched.
Although Apple didn't provide specifics, it also boasted that it has revved up iTunes, making it snappier on tasks ranging from loading large song libraries to syncing the device with the Mac or PC.
iTunes 8.1 can be downloaded for Windows XP and Vista, or in a version for Mac OS X 10.4.10 or later, from Apple's site.
Computerworld
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
news
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.













