iTunes patchApple has released a massive security update for iTunes on Windows, fixing more than 160 security vulnerabilities. The new version of iTunes is one of the larger security updates by any vendor in the last few years, and many of the fixes are for WebKit vulnerabilities.

In its advisory about the iTunes update, Apple, in one of the bigger understatements in recent memory, said that the application contains “multiple memory corruption issues”. The total number of vulnerabilities fixed in iTunes 10.7 is 163 and a huge number of those bugs were discovered by members of Google’s internal security team. Many of the other vulnerabilities were discovered by a researcher who uses the name Miaubiz, who is a frequent contributor to Google’s Chrome bug bounty program.

Many of the vulnerabilities in WebKit that Apple fixed in iTunes 10.7 are from 2011. A lot of those flaws have been fixed in other applications that use WebKit, including Chrome and Safari, for some time now.

Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution,” Apple said in its advisory. “Multiple memory corruption issues existed in WebKit. These issues are addressed through improved memory handling.”

Users can get the security fixes by updating iTunes directly in the application.

Categories: Apple

Comments (7)

  1. Della
    3

    I’ve spent 2 days installing and then uninstalling version 10.7 of iTunes and the Quick Time update, dealing with Data Execution Prevention errors and more. Unfortunately, I still can not get iTunes to open and my iPhone is hung looking for an iTunes update. I’ve looked for older versions of iTunes on the Apple site but was not successful. I did not trust the old version second party sites so I’m stuck with no iTunes and a dead iPhone. If anyone can help please, please, please spell out the details for me. Thanks Della

  2. Anonymous
    4

    Security bugs maybe, but now I CAN’T PLAY SINGS ALL THE WAY THROUGH!!!!! What a joke. 

  3. Anonymous
    5

    Security bugs maybe, but now I CAN’T PLAY SONGS ALL THE WAY THROUGH!!!!! What a joke. 

  4. T
    6

    You all know that Apple is doing this only for the fact that they want you to buy their products..

    I have a Mac Book Pro and it works perfectly on that laptop, so isnt that ironic how it doesnt work on a Windows laptop?

    Its pathetic..

  5. T
    7

    You all know that Apple is doing this only for the fact that they want you to buy their products..

    I have a Mac Book Pro and it works perfectly on that laptop, so isnt that ironic how it doesnt work on a Windows laptop?

    Its pathetic..

Comments are closed.