Edward Kirk
September 7th, 2007, 09:29 AM
According to eWEEK's Security Center, there might be an even more important reason to update your iTunes to 7.4 besides just neat ringtones and iPod touch support. They claim that one of the things the update fixes is a security flaw in the form of a nasty buffer overflow related to processing album art.
To attack the machine, an attacker would create a specially crafted malicious music file. This would result in an overflow that would lead to the application crashing or even something as bad as arbitrary code execution. Both are very bad news.
Fortunately, Apple is on top of the situation in their usual fashion. The iTunes 7.4 update issued yesterday fixes the problem with proper bounds checking. The update is available for Mac OS X v10.3.9, Mac OS v10.4.7 or later, and Windows XP and Vista.
It is suggested that you install the update, which can be downloaded <a href="http://www.apple.com/itunes/download/" target="_blank">here</a>.
[via <a href="http://www.eweek.com/article2/0,1895,2179974,00.asp" target="_blank">eWEEK</a>]