Technology peripheralsIt IndustryApple releases iTunes update, fixes important vulnerabilities, reminds users to upgrade as soon as possibleApple releases iTunes update, fixes important vulnerabilities, reminds users to upgrade as soon as possible
News on June 2, Apple officials recently released a message that they will launch iTunes for Windows 10 and Windows 11 on May 23 Version 12.12.9 updated. The focus of this update is to fix an important privilege escalation vulnerability, and users are advised to install the update as soon as possible to ensure the security of their devices.
According to a press release issued on Apple’s official website, this privilege escalation vulnerability exists in the old version of iTunes for PC. Malware can use this vulnerability to escalate privileges and run on Windows 10 and Windows 10. 11 Malware installed on the device. The specific details of the vulnerability were confirmed by security firm Synopsys and were shared publicly in a recent vulnerability disclosure.
# According to the editor’s understanding, this vulnerability mainly involves the control of folder permissions in the PC version of iTunes. An attacker could exploit this vulnerability to create a folder redirection pointing to a Windows system directory to gain a higher-privileged system shell. The iTunes application will be stored in C:\ProgramData\Apple as the system user Create a folder named "SC Info" in the Computer\iTunes directory and grant full control of the folder to all users.
Users running the iTunes application can delete the "SC Info" folder and create a link to the Windows system folder. By forcing an MSI repair operation, "SC Info" folder will be recreated, allowing the attacker to gain Windows system-level access.
In September 2022, Synopsys security company first discovered the vulnerability and reported related issues to Apple . Apple confirmed the vulnerability in November last year and fixed it in an iTunes update in May this year. To ensure that devices are protected from potential threats, Apple wants users to install the latest version of iTunes, so this update was carried out .
Apple has always been committed to ensuring the security and privacy of users. They encourage users to update their software in a timely manner to enjoy the latest features and fix known vulnerabilities. They also recommend that users pay attention to security tips and recommendations from official channels. Avoid downloading and installing applications from unknown sources.
Although Apple has released updates to fix vulnerabilities, as users, we still need to remain vigilant and take security measures, including regularly updating software and installing reliable security protection software, and avoid clicking on suspicious links and downloading unverified apps to keep our devices and personal information safe.
The above is the detailed content of Apple releases iTunes update, fixes important vulnerabilities, reminds users to upgrade as soon as possible. For more information, please follow other related articles on the PHP Chinese website!
Top 21 Developer Newsletters to Subscribe To in 2025Apr 24, 2025 am 08:28 AMStay informed about the latest tech trends with these top developer newsletters! This curated list offers something for everyone, from AI enthusiasts to seasoned backend and frontend developers. Choose your favorites and save time searching for rel
Serverless Image Processing Pipeline with AWS ECS and LambdaApr 18, 2025 am 08:28 AMThis tutorial guides you through building a serverless image processing pipeline using AWS services. We'll create a Next.js frontend deployed on an ECS Fargate cluster, interacting with an API Gateway, Lambda functions, S3 buckets, and DynamoDB. Th
CNCF Arm64 Pilot: Impact and InsightsApr 15, 2025 am 08:27 AMThis pilot program, a collaboration between the CNCF (Cloud Native Computing Foundation), Ampere Computing, Equinix Metal, and Actuated, streamlines arm64 CI/CD for CNCF GitHub projects. The initiative addresses security concerns and performance lim
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
SublimeText3 Linux new version
SublimeText3 Linux latest version
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
