PSA: If You Run Windows, Make Sure to Update iTunes to Fix Security Vulnerability
Windows users will want to make sure that they are running the latest version of iTunes, iTunes 12.12.9, in order to gain protection from a recently uncovered security vulnerability.
Apple released iTunes 12.12.9 on May 23, and it fixes an issue that could allow malicious apps to gain elevated privileges to install malware on a Windows machine. While the vulnerability was addressed last week, Synopsys, the security company that discovered the problem, today shared some details on how it worked.
iTunes had a privileged folder with weak access control, allowing a malicious person to redirect the folder creation to the Windows system directory, which could then be used to obtain a higher-privileged system shell.
The iTunes application creates a folder, SC Info, in the C:\ProgramData\Apple Computer\iTunes directory as a system user and gives full control over this directory to all users. After the installation, the first user to run the iTunes application can delete the SC Info folder, create a link to the Windows system folder, and re-create the folder by forcing an MSI repair, which can be later used to gain Windows SYSTEM level access.
All versions of iTunes prior to 12.12.9 are impacted by this vulnerability, and so iTunes users who are running older versions of the software should make sure to update.
Synopsys first discovered the problem in September 2022, and told Apple about it at that point. Apple confirmed the vulnerability in November, and then patched it in May. Apple did not say that this exploit was known to have been used in the wild so it is not as critical as some other vulnerabilities, but it is still a good idea to install the latest version of iTunes right away.
Popular Stories
Apple today seeded the release candidate version of iOS 18.5 to developers and public beta testers, giving us a look at the final version of the update that will be provided to the public next week.
With the release candidate, Apple provided release notes, so we have a more complete look at the new features that are included in the update, including those that weren't found during the beta...
If you owned a Siri-compatible device and had an accidental Siri activation between September 17, 2014 and December 31, 2024, you could be eligible for a payment from Apple as part of a class action lawsuit settlement.
Apple in January agreed to pay $95 million to settle a class action lawsuit involving Siri spying accusations, and a website to distribute the funds has now been set up and...
We've still got months to go before the new iPhone 17 models come out, but a combination of dummy models and leaks have given us some insight into what we can expect in terms of camera changes.
Apple is adding new camera features, and changing the design of the camera bump for some models. You might be skeptical of dummy models, but over the years, they've proven to be a highly accurate...
In its press release for the new Pride Band today, Apple said that iOS 18.5 is "upcoming," following more than a month of beta testing.
We expect the iOS 18.5 Release Candidate to be released this week, and this should be the final beta version, barring any last-minute bugs or changes. The software update should then be released to the general public next week.
iOS 18.5 is a relatively...
The first iOS 19 beta is just one month away, and there are already many new features and changes that are expected with it.
Apple should seed the first iOS 19 beta to developers immediately following the WWDC 2025 keynote, which is scheduled for Monday, June 9. Following beta testing, the update should be released to the general public in September.
Below, we recap the key iOS 19 rumors...
Apple plans to release its first foldable iPhone next year, according to several reporters and analysts who cover the company.
In his Power On newsletter today, Bloomberg's Mark Gurman said the foldable iPhone will offer two key advantages over other foldable smartphones.
First, he said the foldable iPhone will have a "nearly invisible" crease when unfolded. This means the device's...
Apple's upcoming foldable iPhone will feature a new type of display panel developed by Samsung that has never been used in a foldable product, claims a source with links to Apple's supply chain.
According to the account yeux1122 on the Korean Naver blog, the foldable iPhone will use a custom display process for which Apple will hold branding trademark rights, and that meets Apple's stringent ...
Despite being more than two years old, Apple's AirPods Pro 2 still dominate the premium wireless‑earbud space, thanks to a potent mix of top‑tier audio, class‑leading noise cancellation, and Apple's habit of delivering major new features through software updates. With AirPods Pro 3 widely expected to arrive in 2025, prospective buyers now face a familiar dilemma: snap up the proven...
