Patched Security Flaw In Mac OS, iOS Unpatched in iTunes for Windows

Apple released updates to Mavericks and iOS that addressed a security flaw in SSL, but iTunes for Windows is still vulnerable, according to a report from iPhone in Canada. The flaw leaves Windows iTunes users vulnerable to a man-in-the-middle attack that could result in someone getting your iTunes login.

Unfortunately, this is just a case of history repeating itself. When this flaw was discovered, the update was released immediately on Mac OS but three weeks later on iOS, drawing criticism from a former employee for the delay. For Windows users, that delay is now approaching two months, which also seems suboptimal.

To protect against the man-in-the-middle attack that exploits this security flaw, don’t do anything in iTunes for Windows that involves your password (buying music/apps, activating a device), and don’t connect that machine to public Wi-Fi networks.

This is an Apple fan’s worst nightmare, right? After all the years of eye rolling towards Windows users about their security situation, now they are in a bad spot created by Apple. Fanboys who enjoy the smug satisfaction of waving their lack of antivirus software in front of Windows users might want to keep their heads down for a while; this is a bad scene for everyone. If you are that variety of fanboy, well, don’t say I didn’t warn you.



Is it just me, or does Apple have too many Chiefs and not enough Native Americans? Lots of VPs but not enough engineers to resolve issues like this in a timely manner? Jobs wanted to keep the company lean, like a startup. Yet there don’t seem to be enough engineers, designers, etc. to get updated versions of existing products out the shipping door. If all their staff are working on new products (e.g., iWatch, iPhone 6, streaming, etc.), then they need to hire more people to update Apple TV, iTunes, Mail, Mac Mini, iPads, and so on.

OTOH, perhaps all the new stuff, AND revisions of existing products, will be announced on the 2-hour keynote on June 2nd. And more steady software and hardware updating will resume.

