eEye documents QuickTime/iTunes heap overflow vulnerability

eEye digital security has posted a brief description of a heap overflow vulnerability exists in QuickTime/iTunes and allows for remote code execution.

The exploit would allow for a remote user to execute code with the rights of the currently logged in user -- another reason users should not use an administrator account for daily tasks as described in our article "10 simple steps for securing your Mac."

For more information, see eEye's security alert.

Feedback? Late-breakers@macfixit.com.

Resources