A flaw in the beta version of Apple’s FaceTime for Mac which was presented on Wednesday, has apparently allowed potential hackers to gain access to and modify a user’s iTunes account settings from the software – without asking for a password.
Even though the exploitation of the flaw would have been possible only to people who had physical access to the (unattended) system, Apple has moved to close the hole almost immediately. According to InformationWeek it did so by disabling the ability of the user to view those settings from FaceTime.
It is definitely a good move for the time being, and I expect the flaw to be permanently fixed when beta testing is completed. As the number of Mac users rise with the proliferation of iPhones and iPads, it is laudable to see Apple react quickly to potentially dangerous security vulnerabilities.