top | item 7244089

(no title)

The plugin folder is writable by current logged in user so a trojan dropper can easily load a malicious plugin.

Maybe I'm missing something, but if you allow for the fact that a virus is already on your system, then you've already lost. It'd be one thing if iTunes was allowing the equivalent of root escalation, but it doesn't sound like it's even doing that.

discuss

No comments yet.