Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: iTunes 10.x update

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Apple
And, this specific program:
Apple iTunes 10.x

This thread has been marked as locked.
TiMow iTunes 10.x update
Dedicated Contributor 25th Sep, 2010 19:31
Ranking: 737
Posts: 728
User Since: 26th Jun, 2009
System Score: N/A
Location: CH
Having received notification of latest iTunes update (to v.10.0.1.22), via Apple Software Update, I have just completed installation - longest to date (about 45 mins. on XP).

Pop-up bubble from PSI indicated, first, the removal of old version and then recognised new version (as normal). In addition to iTunes 10.x there was also another new program:

ITDetector ActiveX Control 2.x (v.2.0.1.1);
located: C:\Program Files\iTunes\ITDetector.ocx

It is not present in Add/Remove, as a separate listing.

This was the first time that this additional program has been installed with iTunes (for me), and is populated under Patched tab, which is now one program more than before.

Seeing that it was another ActiveX/.ocx file; and foreseeing possible future problems, I did a quick Google search -- "ITDetector ActiveX Control 2.x" entered in search box.

First 2 results related to Secunia Advisories/Vulnerability Info.; and the following 5 from independent software check companies, all offering: "Free Scan for ITDETECTOR.OCX related errors" (or equivalent) and registry scans.

Despite this, there was nothing to inform/indicate what it is/does. (Nothing on an initial Wiki search). Yet to check out Apple - will look when time permits.

First Q.: Do I (we) really need this?; and second Q: Is this going to haunt our future, with similar problems to those already inherent with Flash ActiveX/.ocx files?

--
Computing is not yet a perfect science - it still requires humans.

ddmarshall RE: iTunes 10.x update
Dedicated Contributor 25th Sep, 2010 20:00
Score: 1205
Posts: 957
User Since: 8th Nov 2008
System Score: 98%
Location: UK
It seems to have been around for a long time:
http://www.bleepingcomputer.com/filedb/itdetector....

I don't know why it's being detected as a separate program now. Have you tried restarting? It may be one of those things that just gets installed for the installation.

This may interest you
http://www.zdnet.com/blog/bott/the-unofficial-guid...

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+1
-0
TiMow RE: iTunes 10.x update
Dedicated Contributor 26th Sep, 2010 09:32
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Hi ddm

After firing up this morning, there is still the listing under patched.

Judging by the Secunia Advisory summary page, I, too, am of the opinion that this has been around for quite a while - all I can think, is, that either Apple have changed how this file is included within the installation (I don't known if the longer installation time is of significance); or Secunia have changed their detection rules, to separately include this outside of the iTunes app.

But, what I do find disconcerting, is that every independent site visited (including your first link), starts by offering a scan for possible errors, and then a registry scan to fix such errors - is this expected to be problematical at some point?

Thanks for the other link - I still need to review the included info.

For now, I'm not going to mess too much and see what (if anything) happens - my use of iTunes isn't too great.

Will keep this thread open for any possible further input, and/or confirmation (or not) from Secunia, if they have changed their detection rules, regarding the separate listing.

If this is the case, then it could well have previously been a case of ignorance being bliss, when I wasn't aware of it.

Regards

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+1
-0
ddmarshall RE: iTunes 10.x update
Dedicated Contributor 26th Sep, 2010 10:40
Score: 1205
Posts: 957
User Since: 8th Nov 2008
System Score: 98%
Location: UK
With regards to the adverts for registry screeners etc., I find that whenever I put anything in a search engine that looks remotely like the name of a Windows ActiveX, dll or exe, it generates a whole lot of results offering to clean it, fix it or download a copy of it. At best, these are trying to sell you a Registry Cleaner; at worst, you end up with malware. Whatever, you can guarantee that none of them will be the slightest use if you actually have a problem. Similarly, the ads on the free technical advice sites are there to generate revenue for the site owners and they may have little control on what is served up. I've programmed myself to filter them out. Firefox with Adblock Plus is useful as well.

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+1
-0
gjjean RE: iTunes 10.x update
Contributor 26th Sep, 2010 18:37
Score: 192
Posts: 197
User Since: 9th Apr 2010
System Score: 100%
Location: LB
@ Timow

I realised the same issue as you did.

With regards to ddm responses, even I use iTunes with some cautions, I

downloaded (Copy Trans manager) and found –it very comfortable in use and

he act like iTunes and well Very compact and not a heavy weight on the

computer. You can pick-it up from:

http://download.cnet.com/3001-18546_4-10842241.htm...

Have a good time


--
HP pavilion DV6
Win 7 64bit - SP1
IE10 + MSSE4.3.215
Was this reply relevant?
+2
-0
michaelsalis RE: iTunes 10.x update
Member 26th Sep, 2010 19:40
Score: 57
Posts: 141
User Since: 18th Feb 2009
System Score: 98%
Location: UK
hi

I use WinPatrol and the information given by this is as follows:

Bits from Bill



Apple ITunes Helper – ITDETECTOR.OCX

ITdetector.ocx is an ActiveX control that installs with the iTunes Player and Music Manager for Windows and Mac users. iTunes lets you download music from the iTunes music store, to create libraries and play lists, to burn CDs, and transfer music to your iPod player. iTunes can also be used as an aggregator (or podcatcher) to subscribe to podcasts. More information can be found at http://www.apple.com/itunes/download/.

If run on system startup, iTunesHelper recognizes when your iPod player is plugged in. It then starts the iTunes program. Some claim that running it on system startup makes iTunes launch faster as well. If you don't use an iPod or if you don't mind starting the software manually, you might consider disabling this file in your Startup Programs using WinPatrol. Disabling it should keep it from bothering you. If you remote it, it may be replaced the next time you launch the iTunes software. You'll find iTunes support at http://www.apple.com/support/itunes/.


Safe

Apple




--
Michael
Toshiba Satelite A660
Intel i7
Windows 7 Ultimate
IE9

Toshiba Equium Laptop
Intel Centrino Duo
Windows Vista Ultimate SP2
IE9
Was this reply relevant?
+3
-0
This user no longer exists RE: iTunes 10.x update
Member 27th Sep, 2010 10:22
Hi,

We continously add new ActiveX Controls, and what you have experienced is most likely just another ActiveX being added to our system. There are a lot of these controls floating around the internet, and unlike normal software, we try to add these controls without them having been "suggested" by a user.

The fact that it only recently appear will imply that either we recently added the control to our system (though in this case, that isn't why), or that we added another 'detection rule' for the product (which is the case this time around).

Many ActiveX Controls are released by the same vendor with different file information for each release.

hope this helps.
Was this reply relevant?
+0
-0
TiMow RE: iTunes 10.x update
Dedicated Contributor 27th Sep, 2010 13:24
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
-- Emil - thanks for clarification - much as I guessed (in the end);

-- ddm - thanks for insights re. ads. offering (unneeded) fixes;

-- John - good link - under consideration, but in addition to iTunes (for music library and iPod uploading); - unfortunately, at some stage I may still require iTunes, so I wouldn't remove it, anyway;

-- Michael - grateful for your research, although not too much available info. re. ITDETECTOR.OCX functionallity.

Regards to all,

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+1
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability