Apple has shipped a critical iTunes update to fix a security vulnerability that exposes Windows users to malicious hacker attacks.
The latest iTunes 9.2.1 is available for Windows XP, Windows Vista and Windows 7.
From Apple’s advisory:
A buffer overflow exists in the handling of “itpc:”URLs. Accessing a maliciously crafted “itpc:” URL may lead to anunexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking.
The patched iTunes 9.2.1 is available from Apple’s download website.
Original post on ZDnet.com