Code that allows hackers to exploit a vulnerability in Apple's iTunes software has appeared over the weekend.
The code was posted on the Bugtraq mailing list by someone known only as 'Nemo', and acknowledges the help of three friends 'andrewg', 'mercy' and 'core'. The code is designed purely as a proof of concept and contains no virus or Trojan payload.
"Here is some code to exploit the vulnerability. It will generate a *.pls file which, when opened with iTunes 4.7, will bind a shell on port 4444," said 'Nemo' in the message.
Early versions of iTunes are vulnerable to hackers who can build malicious playlist files which crash the application. Code can then be inserted, either to spread a virus or allow the attacker to take control of the host PC.
The latest version, iTunes 4.7.1, is not affected by the vulnerability and can be downloaded from Apple's website here.
Some parts of Atacama have not received rainfall for 500 years - but a sudden deluge of water upset the Desert's delicate biological balance
Spitzer Space Telescope could not spot Oumuamua, suggesting that it is actually pretty small
Greenland crater one of the 25 largest impact craters on Earth
This long-sought progenitor star was identified in an image captured by Hubble in 2007