PSA: If You Run Windows, Make Sure to Update iTunes to Fix Security Vulnerability

Windows users will want to make sure that they are running the latest version of iTunes, iTunes 12.12.9, in order to gain protection from a recently uncovered security vulnerability.

itunes for windows
Apple released iTunes 12.12.9 on May 23, and it fixes an issue that could allow malicious apps to gain elevated privileges to install malware on a Windows machine. While the vulnerability was addressed last week, Synopsys, the security company that discovered the problem, today shared some details on how it worked.

iTunes had a privileged folder with weak access control, allowing a malicious person to redirect the folder creation to the Windows system directory, which could then be used to obtain a higher-privileged system shell.

The iTunes application creates a folder, SC Info, in the C:\ProgramData\Apple Computer\iTunes directory as a system user and gives full control over this directory to all users. After the installation, the first user to run the iTunes application can delete the SC Info folder, create a link to the Windows system folder, and re-create the folder by forcing an MSI repair, which can be later used to gain Windows SYSTEM level access.

All versions of iTunes prior to 12.12.9 are impacted by this vulnerability, and so iTunes users who are running older versions of the software should make sure to update.

Synopsys first discovered the problem in September 2022, and told Apple about it at that point. Apple confirmed the vulnerability in November, and then patched it in May. Apple did not say that this exploit was known to have been used in the wild so it is not as critical as some other vulnerabilities, but it is still a good idea to install the latest version of iTunes right away.

Related Forum: Mac Apps

Popular Stories

iOS 26

iOS 26.2 Coming Soon With These 8 New Features on Your iPhone

Thursday December 11, 2025 8:49 am PST by
Apple seeded the second iOS 26.2 Release Candidate to developers earlier this week, meaning the update will be released to the general public very soon. Apple confirmed iOS 26.2 would be released in December, but it did not provide a specific date. We expect the update to be released by early next week. iOS 26.2 includes a handful of new features and changes on the iPhone, such as a new...
Google maps feaure

Google Maps Quietly Added This Long-Overdue Feature for Drivers

Wednesday December 10, 2025 2:52 am PST by
Google Maps on iOS quietly gained a new feature recently that automatically recognizes where you've parked your vehicle and saves the location for you. Announced on LinkedIn by Rio Akasaka, Google Maps' senior product manager, the new feature auto-detects your parked location even if you don't use the parking pin function, saves it for up to 48 hours, and then automatically removes it once...
Foldable iPhone 2023 Feature 1

Apple to Make More Foldable iPhones Than Expected [Updated]

Tuesday December 9, 2025 9:59 am PST by
Apple has ordered 22 million OLED panels from Samsung Display for the first foldable iPhone, signaling a significantly larger production target than the display industry had previously anticipated, ET News reports. In the now-seemingly deleted report, ET News claimed that Samsung plans to mass-produce 11 million inward-folding OLED displays for Apple next year, as well as 11 million...
AirPods Pro Firmware Feature

Apple Releases New Firmware for AirPods Pro 2 and AirPods Pro 3

Thursday December 11, 2025 11:28 am PST by
Apple today released new firmware designed for the AirPods Pro 3 and the prior-generation AirPods Pro 2. The AirPods Pro 3 firmware is 8B30, up from 8B25, while the AirPods Pro 2 firmware is 8B28, up from 8B21. There's no word on what's include in the updated firmware, but the AirPods Pro 2 and AirPods Pro 3 are getting expanded support for Live Translation in the European Union in iOS...
iOS 26

15 New Things Your iPhone Can Do in iOS 26.2

Friday December 5, 2025 9:40 am PST by
Apple is about to release iOS 26.2, the second major point update for iPhones since iOS 26 was rolled out in September, and there are at least 15 notable changes and improvements worth checking out. We've rounded them up below. Apple is expected to roll out iOS 26.2 to compatible devices sometime between December 8 and December 16. When the update drops, you can check Apple's servers for the ...
AirTag 2 Mock Feature

Apple AirTag 2: Four New Features Found in iOS 26 Code

Thursday December 11, 2025 10:31 am PST by
The AirTag 2 will include a handful of new features that will improve tracking capabilities, according to a new report from Macworld. The site says that it was able to access an internal build of iOS 26, which includes references to multiple unreleased products. Here's what's supposedly coming: An improved pairing process, though no details were provided. AirTag pairing is already...
iOS 26

Apple Seeds Second iOS 26.2 Release Candidate to Developers and Public Beta Testers

Monday December 8, 2025 10:18 am PST by
Apple today seeded the second release candidate version of iOS 26.2 to developers and public beta testers, with the software coming one week after Apple seeded the first RC. The release candidate represents the final version iOS 26.2 that will be provided to the public if no further bugs are found. Registered developers and public beta testers can download the betas from the Settings app on...
iPhone 14 Pro Dynamic Island

iPhone 18 Pro Leak Adds New Evidence for Under-Display Face ID

Monday December 8, 2025 4:54 am PST by
Apple is actively testing under-screen Face ID for next year's iPhone 18 Pro models using a special "spliced micro-transparent glass" window built into the display, claims a Chinese leaker. According to "Smart Pikachu," a Weibo account that has previously shared accurate supply-chain details on Chinese Android hardware, Apple is testing the special glass as a way to let the TrueDepth...
studio display purple

Apple Studio Display 2 Code Hints at 120Hz ProMotion, HDR, A19 Chip

Thursday December 11, 2025 4:19 am PST by
Apple's next-generation Studio Display is expected to arrive early next year, and a new report allegedly provides a couple more details on the external monitor's capabilities. According to internal Apple code seen by Macworld, the new external display will feature a variable refresh rate capable of up to 120Hz – aka ProMotion – as well as support for HDR content. The current Studio...
ipad blue prime day

iPad 12 Rumored to Get iPhone 17's A19 Chip, Breaking Apple Tradition

Wednesday December 10, 2025 12:22 pm PST by
The next-generation low-cost iPad will use Apple's A19 chip, according to a report from Macworld. Macworld claims to have seen an "internal Apple code document" with information about the 2026 iPad lineup. Prior documentation discovered by MacRumors suggested that the iPad 12 would be equipped with an A18 chip, not an A19 chip. The A19 chip was just released this year in the iPhone 17, and...

Top Rated Comments

HobeSoundDarryl Avatar
33 months ago

I wonder how many iTunes users there still are. Especially on windows.
PC is a farrrrrrrrrrrrrrrrrrrr larger world than the bubble in which we Mac people play. Pay attention and you'll see DOS apps still running in relatively important settings- like hospitals. DOS! I just bumped into it in dominant use with a not-poor client only 3 years ago.

I would wild guess- and it is just that as I have no data to support it- there is more-to-far-more active iTunes users than Mac owners. :eek:

Here's a surprising(?) PCmag quote ('https://www.pcmag.com/news/apple-itunes-lives-on-for-windows-pc-users') from only 4 years ago...


Microsoft currently lists the Windows version of iTunes as the most popular app on its digital store, putting it ahead of Netflix and Spotify.
I clicked a link into the store to see where it ranks now ('https://www.microsoft.com/en-us/store/most-popular/apps/pc'). It's #2, right behind WhatsApp and still ahead of Netflix and Spotify.
Score: 13 Votes (Like | Disagree)
jacobgkau Avatar
33 months ago

Don’t you love it when some companies tell you how to hack into others systems?

/s
I can't tell which part of your comment the sarcasm tag applies to, but the security researchers communicated the issue to Apple privately nine months ago, and waited over a week after the fix was published to disclose the issue publicly. This was a completely responsible disclosure on the researchers' part.
Score: 8 Votes (Like | Disagree)
MrMojo1 Avatar
33 months ago

I wonder how many iTunes users there still are. Especially on windows.
Why do Apple users continually assume that Windows users don't own any Apple products like an iPhone?
There are lots of iPhone owners who are PC users not Mac users. Also, Windows are [still] used in many parts of the world, more than Macs, esp. in corporate settings.
Score: 8 Votes (Like | Disagree)
MrRom92 Avatar
33 months ago

Me too. And I have the bug that iTunes (also when syncing with Apple Music / Finder) syncs over all songs, including the ones that are already on my iPhone. Major PIA, major bug, for over 13 years now.

https://superuser.com/questions/33641/itunes-syncs-the-same-handful-of-songs-on-every-sync
https://discussions.apple.com/thread/7668361
The most ideal thing would be if apple completely did away with “syncing” or any sort of library management. Just put a folder on the device we can drag and drop any files we want to using the normal windows explorer and the songs should just show up when we open the Music app. Would resolve many, many problems with the way they’ve implemented things. And this is basically how any other personal media player functioned for the last 25 years.
Score: 7 Votes (Like | Disagree)
vertsix Avatar
33 months ago

I wonder how many iTunes users there still are. Especially on windows.
Right here.

Still sync 23,000 songs and counting to my 1TB 13 Pro Max.
Score: 6 Votes (Like | Disagree)
Jmausmuc Avatar
33 months ago
I wonder how many iTunes users there still are. Especially on windows.
Score: 4 Votes (Like | Disagree)