The latest update to the Windows version of Apple’s popular iTunesmedia player closes an alarming number of security holes. According to the company, iTunes 10.7 for Windows addresses a total of 163 vulnerabilities, all of which are in the WebKit browser engine used by the media player to display HTML-based pages in its iTunes Store.
Apple notes that these security issues could be exploited by an attacker to, at worst, inject and execute arbitrary code on a victim’s system. While users cannot navigate to any web site in iTunes, users should not take these issues lightly: when connected to a public network, an attacker could use a man-in-the-middle attack to manipulate network traffic, directing users to maliciously crafted pages to exploit the holes. The worrying thing about this update is that these memory corruption issues have been fixed in other applications for some time now. Google’s Chrome web browser, which also uses WebKit, corrected a number of these flawsnearly six months ago in Chrome 18, while Apple itself fixed many of the problems in July with the release of Safari 6.
The Mac OS X version of iTunes 10.7 doesn’t include any security fixes. These problems have already been addressed in the previous updates to Apple’s Safari web browser. Non-security-related changes in iTunes 10.7 include the addition of support for the upcoming iOS 6 release and Apple’s new iPod nano and iPod touch models.
A full list of security fixes in the new version of iTunes can be found in the security mailing list release announcement. Version 10.7 of iTunes is available to download for Windows (32- and 64-bit), and Mac OS X 10.6.8 or later. Existing users can use the Apple Software Update for Windows or the built-in Software Update function under Mac OS X. All users are advised to upgrade.