Re: [Fed-Talk] Not So Fast Upgrade to iTunes 9.2
Re: [Fed-Talk] Not So Fast Upgrade to iTunes 9.2
- Subject: Re: [Fed-Talk] Not So Fast Upgrade to iTunes 9.2
- From: Dave Schroeder <email@hidden>
- Date: Thu, 17 Jun 2010 13:14:31 -0500
Again, not sure what you're saying here.
The risks mentioned at those links are *fixed* in iTunes 9.2, not introduced by 9.2...
- Dave
On Jun 17, 2010, at 12:22 PM, Kim, Andy (Gregg) wrote:
>
> Encourage you and users to review Apple KB as I mentioned, and apply any necessary updates to help mitigate the risks for iTunes 9.2 upgrade.
>
> ... Not so fast upgrade iTunes 9.2.
>
> Andy
>
> On 6/17/10 12:19 PM, "Peter Link" <email@hidden> wrote:
>
> > I think he's saying it took Apple a long time to fix them; in a "not so fast
> > upgrade."
> >
> >
> > On Jun 17, 2010, at 9:14 AM, Dave Schroeder wrote:
> >
> >> Am I misunderstanding your comment?
> >>
> >> iTunes 9.2 *fixes* these vulnerabilities, so it would be a desirable
> >> update...
> >>
> >> - Dave
> >>
> >> On Jun 17, 2010, at 8:59 AM, Kim, Andy (Gregg) wrote:
> >>
> >>>
> >>> Apple releases iTunes 9.2 early this morning.
> >>>
> >>> Apple has released iTunes 9.2 for Windows Systems to address multiple
> >>> vulnerabilities affecting the ColorSync, ImageIO, and WebKit packages.
> >>>
> >>> These vulnerabilities may allow an attacker to execute arbitrary code
> >>> or cause a denial-of-service condition. Please see Apple’s KB.
> >>>
> >>> http://support.apple.com/kb/HT4220
> >>>
> >>> US-Cert commented about it’s multiple vulnerabilities.
> >>>
> >>> http://www.us-cert.gov/current/index.html#apple_releases_itunes_9_2
> >>>
> >>> Regards,
> >>>
> >>> Andy Kim
> >>> Dir of I T
> >>> U.S. Senator Judd Gregg
> >>>
> >>> _______________________________________________
> >>> Do not post admin requests to the list. They will be ignored.
> >>> Fed-talk mailing list (email@hidden)
> >>> Help/Unsubscribe/Update your Subscription:
> >>>
> >>> This email sent to email@hidden
> >>
> >> _______________________________________________
> >> Do not post admin requests to the list. They will be ignored.
> >> Fed-talk mailing list (email@hidden)
> >> Help/Unsubscribe/Update your Subscription:
> >>
> >> This email sent to email@hidden
> >
> > Peter Link
> > Cyber Security Analyst
> > Cyber Security Program
> > Lawrence Livermore National Laboratory
> > PO Box 808, L-315
> > Livermore, CA 94550
> > email@hidden
> >
> >
> >
> >
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden