Apple has shipped a critical iTunes update to fix a security vulnerability that exposes Windows users to malicious hacker attacks.
The latest iTunes 9.2.1 is available for Windows XP, Windows Vista and Windows 7.
From Apple’s advisory:
A buffer overflow exists in the handling of “itpc:”URLs. Accessing a maliciously crafted “itpc:” URL may lead to anunexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking.
The patched iTunes 9.2.1 is available from Apple’s download website.