Apple has shipped a new version of its iTunes media player to fix 13 security flaws that cold be exploited to launch attacks against Windows machines.

The patches in the new iTunes 10 covers vulnerabilities in WebKit, the open-source web browser engine. 

The WebKit vulnerabilities, already patched in Safari, expose Windows users to remote code execution attacks via maliciously crafted Web sites.

The iTunes 10 update is available  Windows 7, Windows Vista and Windows XP SP2 or later.

Categories: Vulnerabilities, Web Security