Although Put used a different technique from Miller and Dai Zovi to find the issue, TippingPoint didn't know that it had bought the bug in "The Mac Hacker's Handbook" until Apple informed it about a week ago, according to TippingPoint's security research manager, Pedram Amini.

It's not unusual for two hackers to discover the same bug, Amini said. Recently three separate researchers submitted identical Internet Explorer flaws within a six-month period. However, he added, "Had we read the book prior to receiving this issue from Damian, we probably would not have made an offer."

In its security advisory, Apple credited both Miller and Put with finding the issue.

In addition to the security fix, the iTunes 8.2 release includes support for the upcoming iPhone 3.0 software, which is expected to be unveiled at Apple's Worldwide Developer Conference next week in San Francisco.