PSA: If You Run Windows, Make Sure to Update iTunes to Fix Security Vulnerability

by

Windows users will want to make sure that they are running the latest version of iTunes, iTunes 12.12.9, in order to gain protection from a recently uncovered security vulnerability.

itunes for windows
Apple released iTunes 12.12.9 on May 23, and it fixes an issue that could allow malicious apps to gain elevated privileges to install malware on a Windows machine. While the vulnerability was addressed last week, Synopsys, the security company that discovered the problem, today shared some details on how it worked.

iTunes had a privileged folder with weak access control, allowing a malicious person to redirect the folder creation to the Windows system directory, which could then be used to obtain a higher-privileged system shell.

The iTunes application creates a folder, SC Info, in the C:\ProgramData\Apple Computer\iTunes directory as a system user and gives full control over this directory to all users. After the installation, the first user to run the iTunes application can delete the SC Info folder, create a link to the Windows system folder, and re-create the folder by forcing an MSI repair, which can be later used to gain Windows SYSTEM level access.

All versions of iTunes prior to 12.12.9 are impacted by this vulnerability, and so iTunes users who are running older versions of the software should make sure to update.

Synopsys first discovered the problem in September 2022, and told Apple about it at that point. Apple confirmed the vulnerability in November, and then patched it in May. Apple did not say that this exploit was known to have been used in the wild so it is not as critical as some other vulnerabilities, but it is still a good idea to install the latest version of iTunes right away.

Tags: iTunes, Windows
Related Forum: Mac Apps

Popular Stories

Second Generation AirTag Feature

Apple Unveils New AirTag With Longer Range, Louder Speaker, and More

Monday January 26, 2026 6:07 am PST by
Apple today introduced the second-generation AirTag, with key features including longer range for tracking items and a louder speaker. For those who are not familiar, the AirTag is a small accessory that you can attach to your backpack, keys, or other items. Then, you can track the location of those items in the Find My app on the iPhone, iPad, Mac, Apple Watch, and iCloud.com. The new...
Read Full Article197 comments
M5 MacBook Pro

Apple Reportedly Aiming to Upgrade the MacBook Pro Twice This Year

Sunday January 25, 2026 11:46 am PST by
Apple plans to release new MacBook Pro, MacBook Air, Mac Studio, and Studio Display models in the first half of this year, according to Bloomberg's Mark Gurman. In his Power On newsletter today, Gurman added that redesigned MacBook Pro models with an OLED touch screen "should be hitting toward the end of 2026," meaning that the MacBook Pro line would be upgraded twice this year. First up...
Read Full Article165 comments
Apple Logo Spotlight

Apple to Launch These 20+ Products This Year

Sunday January 25, 2026 6:02 pm PST by
2026 promises to be yet another busy year for Apple, with the company rumored to be planning more than 20 product announcements over the coming months. Beyond the usual updates to iPhones, iPads, Macs, and Apple Watches, Apple is expected to release its all-new smart home hub, which was reportedly delayed until the more personalized version of Siri is ready. Other unique products rumored for ...
Read Full Article73 comments
iOS 26

What to Expect From iOS 26.4

Friday January 23, 2026 12:31 pm PST by
iOS 26.3 is shaping up to be a relatively minor update, with only a couple of notable new features, but iOS 26.4 is expected to be much more significant. We are still waiting for the iOS 26.3 Release Candidate to come out, so the first iOS 26.4 beta is likely still at least a few weeks away. Following beta testing, iOS 26.4 will likely be released to the general public at some point in March ...
Read Full Article74 comments
top stories 2026 01 24

Top Stories: iPhone 18 Pro Leaks, Siri Chatbot, Apple AI Pin, and More

Saturday January 24, 2026 6:00 am PST by
Apple rumors are starting to pick up now that we're a few weeks into 2026, and this week saw some potential clarity around conflicting iPhone 18 Pro rumors, plus some new word on Apple's plans for Siri. This week also saw a report that Apple is working on some sort of AI pin while also making progress toward a major MacBook Pro revamp, so read on below for all the details! Top Stories iPh...
Read Full Article6 comments

Top Rated Comments

HobeSoundDarryl Avatar
HobeSoundDarryl
35 months ago

I wonder how many iTunes users there still are. Especially on windows.
PC is a farrrrrrrrrrrrrrrrrrrr larger world than the bubble in which we Mac people play. Pay attention and you'll see DOS apps still running in relatively important settings- like hospitals. DOS! I just bumped into it in dominant use with a not-poor client only 3 years ago.

I would wild guess- and it is just that as I have no data to support it- there is more-to-far-more active iTunes users than Mac owners. :eek:

Here's a surprising(?) PCmag quote ('https://www.pcmag.com/news/apple-itunes-lives-on-for-windows-pc-users') from only 4 years ago...


Microsoft currently lists the Windows version of iTunes as the most popular app on its digital store, putting it ahead of Netflix and Spotify.
I clicked a link into the store to see where it ranks now ('https://www.microsoft.com/en-us/store/most-popular/apps/pc'). It's #2, right behind WhatsApp and still ahead of Netflix and Spotify.
Score: 13 Votes (Like | Disagree)
jacobgkau Avatar
jacobgkau
35 months ago

Don’t you love it when some companies tell you how to hack into others systems?

/s
I can't tell which part of your comment the sarcasm tag applies to, but the security researchers communicated the issue to Apple privately nine months ago, and waited over a week after the fix was published to disclose the issue publicly. This was a completely responsible disclosure on the researchers' part.
Score: 8 Votes (Like | Disagree)
MrMojo1 Avatar
MrMojo1
35 months ago

I wonder how many iTunes users there still are. Especially on windows.
Why do Apple users continually assume that Windows users don't own any Apple products like an iPhone?
There are lots of iPhone owners who are PC users not Mac users. Also, Windows are [still] used in many parts of the world, more than Macs, esp. in corporate settings.
Score: 8 Votes (Like | Disagree)
MrRom92 Avatar
MrRom92
35 months ago

Me too. And I have the bug that iTunes (also when syncing with Apple Music / Finder) syncs over all songs, including the ones that are already on my iPhone. Major PIA, major bug, for over 13 years now.

https://superuser.com/questions/33641/itunes-syncs-the-same-handful-of-songs-on-every-sync
https://discussions.apple.com/thread/7668361
The most ideal thing would be if apple completely did away with “syncing” or any sort of library management. Just put a folder on the device we can drag and drop any files we want to using the normal windows explorer and the songs should just show up when we open the Music app. Would resolve many, many problems with the way they’ve implemented things. And this is basically how any other personal media player functioned for the last 25 years.
Score: 7 Votes (Like | Disagree)
vertsix Avatar
vertsix
35 months ago

I wonder how many iTunes users there still are. Especially on windows.
Right here.

Still sync 23,000 songs and counting to my 1TB 13 Pro Max.
Score: 6 Votes (Like | Disagree)
Jmausmuc Avatar
Jmausmuc
35 months ago
I wonder how many iTunes users there still are. Especially on windows.
Score: 4 Votes (Like | Disagree)
Read All Comments