PSA: If You Run Windows, Make Sure to Update iTunes to Fix Security Vulnerability

by

Windows users will want to make sure that they are running the latest version of iTunes, iTunes 12.12.9, in order to gain protection from a recently uncovered security vulnerability.

itunes for windows
Apple released iTunes 12.12.9 on May 23, and it fixes an issue that could allow malicious apps to gain elevated privileges to install malware on a Windows machine. While the vulnerability was addressed last week, Synopsys, the security company that discovered the problem, today shared some details on how it worked.

iTunes had a privileged folder with weak access control, allowing a malicious person to redirect the folder creation to the Windows system directory, which could then be used to obtain a higher-privileged system shell.

The iTunes application creates a folder, SC Info, in the C:\ProgramData\Apple Computer\iTunes directory as a system user and gives full control over this directory to all users. After the installation, the first user to run the iTunes application can delete the SC Info folder, create a link to the Windows system folder, and re-create the folder by forcing an MSI repair, which can be later used to gain Windows SYSTEM level access.

All versions of iTunes prior to 12.12.9 are impacted by this vulnerability, and so iTunes users who are running older versions of the software should make sure to update.

Synopsys first discovered the problem in September 2022, and told Apple about it at that point. Apple confirmed the vulnerability in November, and then patched it in May. Apple did not say that this exploit was known to have been used in the wild so it is not as critical as some other vulnerabilities, but it is still a good idea to install the latest version of iTunes right away.

Tags: iTunes, Windows
Related Forum: Mac Apps

Popular Stories

iPhone Top Left Hole Punch Face ID Feature Purple

iPhone 18 Pro Launching Later This Year With These 12 New Features

Thursday January 15, 2026 10:56 am PST by
While the iPhone 18 Pro and iPhone 18 Pro Max are not expected to launch for another eight months, there are already plenty of rumors about the devices. Below, we have recapped 12 features rumored for the iPhone 18 Pro models, as of January 2026: The same overall design is expected, with 6.3-inch and 6.9-inch display sizes, and a "plateau" housing three rear cameras Under-screen Face ID...
Read Full Article74 comments
Apple MacBook Pro M4 hero

These 5 Apple Products Will Reportedly Be Upgraded With OLED Displays

Friday January 16, 2026 7:07 pm PST by
Apple plans to upgrade the iPad mini, MacBook Pro, iPad Air, iMac, and MacBook Air with OLED displays between 2026 and 2028, according to DigiTimes. Bloomberg's Mark Gurman previously reported that the iPad mini and MacBook Pro will receive an OLED display as early as this year, but he does not expect the MacBook Air to adopt the technology until 2028 at the earliest. A new iPad Air is...
Read Full Article78 comments
iOS 27 Mock Quick

iOS 27 Will Add These 8 New Features to Your iPhone

Sunday January 18, 2026 3:51 pm PST by
iOS 27 is still many months away, but there are already plenty of rumors about new features that will be included in the software update. The first beta of iOS 27 will be released during WWDC 2026 in June, and the update should be released to all users with a compatible iPhone in September. Bloomberg's Mark Gurman said that iOS 27 will be similar to Mac OS X Snow Leopard, in the sense...
Read Full Article97 comments
Apple Wallet ID Illinois

Apple Plans to Expand iPhone Driver's Licenses to These 7 U.S. States

Friday January 16, 2026 12:12 pm PST by
In select U.S. states, residents can add their driver's license or state ID to the Apple Wallet app on the iPhone and Apple Watch, and then use it to display proof of identity or age at select airports and businesses, and in select apps. The feature is currently available in 13 U.S. states and Puerto Rico, and it is expected to launch in at least seven more in the future. To set up the...
Read Full Article
14 inch MacBook Pro Keyboard

MacBook Pro Buyers Now Facing Up to a Two-Month Wait Ahead of New Models

Sunday January 18, 2026 6:50 pm PST by
MacBook Pro availability is tightening on Apple's online store, with select configurations facing up to a two-month delivery timeframe in the United States. A few 14-inch and 16-inch MacBook Pro configurations with an M4 Pro chip are not facing any shipping delay, but estimated delivery dates for many configurations with an M4 Max chip range from February 6 to February 24 or even later. At...
Read Full Article83 comments

Top Rated Comments

HobeSoundDarryl Avatar
HobeSoundDarryl
35 months ago

I wonder how many iTunes users there still are. Especially on windows.
PC is a farrrrrrrrrrrrrrrrrrrr larger world than the bubble in which we Mac people play. Pay attention and you'll see DOS apps still running in relatively important settings- like hospitals. DOS! I just bumped into it in dominant use with a not-poor client only 3 years ago.

I would wild guess- and it is just that as I have no data to support it- there is more-to-far-more active iTunes users than Mac owners. :eek:

Here's a surprising(?) PCmag quote ('https://www.pcmag.com/news/apple-itunes-lives-on-for-windows-pc-users') from only 4 years ago...


Microsoft currently lists the Windows version of iTunes as the most popular app on its digital store, putting it ahead of Netflix and Spotify.
I clicked a link into the store to see where it ranks now ('https://www.microsoft.com/en-us/store/most-popular/apps/pc'). It's #2, right behind WhatsApp and still ahead of Netflix and Spotify.
Score: 13 Votes (Like | Disagree)
jacobgkau Avatar
jacobgkau
35 months ago

Don’t you love it when some companies tell you how to hack into others systems?

/s
I can't tell which part of your comment the sarcasm tag applies to, but the security researchers communicated the issue to Apple privately nine months ago, and waited over a week after the fix was published to disclose the issue publicly. This was a completely responsible disclosure on the researchers' part.
Score: 8 Votes (Like | Disagree)
MrMojo1 Avatar
MrMojo1
35 months ago

I wonder how many iTunes users there still are. Especially on windows.
Why do Apple users continually assume that Windows users don't own any Apple products like an iPhone?
There are lots of iPhone owners who are PC users not Mac users. Also, Windows are [still] used in many parts of the world, more than Macs, esp. in corporate settings.
Score: 8 Votes (Like | Disagree)
MrRom92 Avatar
MrRom92
35 months ago

Me too. And I have the bug that iTunes (also when syncing with Apple Music / Finder) syncs over all songs, including the ones that are already on my iPhone. Major PIA, major bug, for over 13 years now.

https://superuser.com/questions/33641/itunes-syncs-the-same-handful-of-songs-on-every-sync
https://discussions.apple.com/thread/7668361
The most ideal thing would be if apple completely did away with “syncing” or any sort of library management. Just put a folder on the device we can drag and drop any files we want to using the normal windows explorer and the songs should just show up when we open the Music app. Would resolve many, many problems with the way they’ve implemented things. And this is basically how any other personal media player functioned for the last 25 years.
Score: 7 Votes (Like | Disagree)
vertsix Avatar
vertsix
35 months ago

I wonder how many iTunes users there still are. Especially on windows.
Right here.

Still sync 23,000 songs and counting to my 1TB 13 Pro Max.
Score: 6 Votes (Like | Disagree)
Jmausmuc Avatar
Jmausmuc
35 months ago
I wonder how many iTunes users there still are. Especially on windows.
Score: 4 Votes (Like | Disagree)
Read All Comments