PSA: If You Run Windows, Make Sure to Update iTunes to Fix Security Vulnerability
Windows users will want to make sure that they are running the latest version of iTunes, iTunes 12.12.9, in order to gain protection from a recently uncovered security vulnerability.
Apple released iTunes 12.12.9 on May 23, and it fixes an issue that could allow malicious apps to gain elevated privileges to install malware on a Windows machine. While the vulnerability was addressed last week, Synopsys, the security company that discovered the problem, today shared some details on how it worked.
iTunes had a privileged folder with weak access control, allowing a malicious person to redirect the folder creation to the Windows system directory, which could then be used to obtain a higher-privileged system shell.
The iTunes application creates a folder, SC Info, in the C:\ProgramData\Apple Computer\iTunes directory as a system user and gives full control over this directory to all users. After the installation, the first user to run the iTunes application can delete the SC Info folder, create a link to the Windows system folder, and re-create the folder by forcing an MSI repair, which can be later used to gain Windows SYSTEM level access.
All versions of iTunes prior to 12.12.9 are impacted by this vulnerability, and so iTunes users who are running older versions of the software should make sure to update.
Synopsys first discovered the problem in September 2022, and told Apple about it at that point. Apple confirmed the vulnerability in November, and then patched it in May. Apple did not say that this exploit was known to have been used in the wild so it is not as critical as some other vulnerabilities, but it is still a good idea to install the latest version of iTunes right away.
Popular Stories
We've been focusing on deals on physical products over the past few weeks, but Black Friday is also a great time of year to purchase a streaming membership. Some of the biggest services have great discounts for new and select returning members this week, including Disney+, Hulu, Paramount+, Peacock, and more.
Note: MacRumors is an affiliate partner with some of these vendors. When you click a...
iOS 27 will reportedly have two major elements: quality improvements and new AI features.
In his Power On newsletter today, Bloomberg's Mark Gurman said that iOS 27 will be similar to Mac OS X Snow Leopard, in the sense that Apple is focused on improving "quality and underlying performance" over adding new features.
Gurman said there is one exception to this rule, though, as he expects...
We're only a few days away from Black Friday, which will take place on Friday, November 28 in 2025. As always, this will be the best time of the year to shop for great deals, including popular Apple products like AirPods, iPad, Apple Watch, and more. In this article, the majority of the discounts will be found on Amazon.
Note: MacRumors is an affiliate partner with some of these vendors. When...
iOS 26.2 is currently in beta testing. The upcoming update includes a handful of new features and changes on the iPhone, including a new Liquid Glass slider for the Lock Screen's clock, offline lyrics for Apple Music, and more.
In a recent press release, Apple confirmed that iOS 26.2 will be released to all users in December, but it did not provide a specific release date.
Keep reading...
On this week's episode of The MacRumors Show, we talk through all of the new features and improvements expected to come to next year's iPhone 18 Pro and iPhone 18 Pro Max models.
Subscribe to The MacRumors Show YouTube channel for more videos
Apple's next-generation iPhones are less than ten months away and we already have a good idea about what to expect based on corroborated leaks, rumors,...
Apple's first foldable iPhone is expected to launch alongside the iPhone 18 Pro models in fall 2026, and it's shaping up to include three standout features that could set it apart from the competition.
The book-style foldable will reportedly feature an industry-first 24-megapixel under-display camera built into the inner display, according to a recent JP Morgan equity research report. That...
American multinational news company CNN has abruptly pulled its content from Apple News, Semafor reports.
CNN quietly removed its stories from Apple News over the weekend and there is no longer a feed from the network to subscribe to in the app. This effectively ends its distribution agreement with Apple while the two sides negotiate new terms. Discussions are apparently ongoing and CNN's...
Black Friday deals have begun, and Amazon is one of the best places you can find steep discounts on numerous products this week. We've already collected all of the best Apple-related deals you'll find at Amazon (and other retailers) in our Apple Black Friday Deals post, so below you'll find other discounts on devices like Anker accessories, Beats headphones, video games, TVs, and more.
Note:...
Apple's annual four-day Black Friday through Cyber Monday shopping event is returning on Friday, November 28 through Monday, December 1 in many countries, including the United States, Canada, Australia, New Zealand, France, Germany, Italy, Spain, the United Kingdom, Belgium, the Netherlands, Sweden, Thailand, and others.
During the shopping event, customers can get an Apple gift card with...
