Re: [Fed-Talk] Not So Fast Upgrade to iTunes 9.2
Re: [Fed-Talk] Not So Fast Upgrade to iTunes 9.2
- Subject: Re: [Fed-Talk] Not So Fast Upgrade to iTunes 9.2
- From: "Kim, Andy (Gregg)" <email@hidden>
- Date: Thu, 17 Jun 2010 13:22:05 -0400
- Acceptlanguage: en-US
- Importance: high
- Thread-topic: [Fed-Talk] Not So Fast Upgrade to iTunes 9.2
Title: Re: [Fed-Talk] Not So Fast Upgrade to iTunes 9.2
Encourage you and users to review Apple KB as I mentioned, and apply any necessary updates to help mitigate the risks for iTunes 9.2 upgrade.
... Not so fast upgrade iTunes 9.2.
Andy
On 6/17/10 12:19 PM, "Peter Link" <email@hidden> wrote:
> I think he's saying it took Apple a long time to fix them; in a "not so fast
> upgrade."
>
>
> On Jun 17, 2010, at 9:14 AM, Dave Schroeder wrote:
>
>> Am I misunderstanding your comment?
>>
>> iTunes 9.2 *fixes* these vulnerabilities, so it would be a desirable
>> update...
>>
>> - Dave
>>
>> On Jun 17, 2010, at 8:59 AM, Kim, Andy (Gregg) wrote:
>>
>>>
>>> Apple releases iTunes 9.2 early this morning.
>>>
>>> Apple has released iTunes 9.2 for Windows Systems to address multiple
>>> vulnerabilities affecting the ColorSync, ImageIO, and WebKit packages.
>>>
>>> These vulnerabilities may allow an attacker to execute arbitrary code
>>> or cause a denial-of-service condition. Please see Apple’s KB.
>>>
>>> http://support.apple.com/kb/HT4220
>>>
>>> US-Cert commented about it’s multiple vulnerabilities.
>>>
>>> http://www.us-cert.gov/current/index.html#apple_releases_itunes_9_2
>>>
>>> Regards,
>>>
>>> Andy Kim
>>> Dir of I T
>>> U.S. Senator Judd Gregg
>>>
>>> _______________________________________________
>>> Do not post admin requests to the list. They will be ignored.
>>> Fed-talk mailing list (email@hidden)
>>> Help/Unsubscribe/Update your Subscription:
>>>
>>> This email sent to email@hidden
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>
> Peter Link
> Cyber Security Analyst
> Cyber Security Program
> Lawrence Livermore National Laboratory
> PO Box 808, L-315
> Livermore, CA 94550
> email@hidden
>
>
>
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden