Apple's iTunes, QuickTime, High On Cyber Security Vulnerability List, Kaspersky Lab Says

Popular Apple programs iTunes and QuickTime are being used by malware code writers to hack into computer platforms and potentially steal data, Russia-based cybersecurity firm Kaspersky Lab said Friday.

In their third quarter IT Threat Evolution report, Kaspersky Lab analyst Yury Namestnikov said that those two Apple programs appeared on the top 10 list of most vulnerable programs for the first time, beating out Microsoft products.

The iTunes vulnerabilities were spotted by Kaspersky on Mac OS X v10.5 and later, Windows 7, Vista, and Windows XP SP2. A Kaspersky Lab press officer said QuickTime exploits were found on Windows 7, Vista and Windows XP SP2 or later. But for Mac OS X users, the vulnerabilities either didn't impact their computers or were addressed through security updates.

All told, Kaspersky Lab said that a total of 30,749,066 vulnerable programs and files were detected on computers using the Kaspersky Security Network (KSN), with an average of 8 different vulnerabilities detected on each affected computer.

The two most frequently exploited vulnerabilities -- where malware first entered a computer platform -- were through Oracle's two Java versions, accounting for 35 percent and 21.70 percent of affected computers respectively. Java vulnerabilities were used in 56 percent of all cyber attacks. According to Oracle, different versions of Java are installed on over 1.1 billion computers. Because updates for Java software are installed on demand rather than automatically, there is a longer shelf-life for vulnerabilities. Java vulnerabilities continue to be a favorite of cyber criminals, Namestnikov said, because Java exploits are easy to use under any version of Windows. And with some additional work by sophisticated malware code writers, cross-platform exploits can easily be created using botnets like Flashfake.

After Java, Adobe’s Flash, Reader/Acrobat, and Acrobat took the number three, four and five spots.

Apple’s QuickTime and iTunes came in at sixth and seventh place, with vulnerabilities showing up on 13.8 percent and 11.7 percent of computers respectively.

Microsoft did not appear on the Top 10 vulnerabilities list for the first time ever, primarily because the automatic updates mechanism in recent versions of Windows has been well developed.

Users on both systems should check Apple’s Security Update page to ensure iTunes and QuickTime are updated with the latest security walls, a Kaspersky Lab spokesperson in Massachusetts said Friday.