Home / mailings

PDF

APPLE-SA-2017-12-13-4 iTunes 12.7.2 for Windows

Posted on 13 December 2017
Apple Security-announce

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-12-13-4 iTunes 12.7.2 for Windows

iTunes 12.7.2 for Windows addresses the following:

APNs Server
Available for: Windows 7 and later
Impact: An attacker in a privileged network position can track a user
Description: A privacy issue existed in the use of client
certificates. This issue was addressed through a revised protocol.
CVE-2017-13864: FURIOUSMAC Team of United States Naval Academy

WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7156: an anonymous researcher
CVE-2017-7157: an anonymous researcher
CVE-2017-13856: Jeonghoon Shin
CVE-2017-13870: an anonymous researcher
CVE-2017-13866: an anonymous researcher

Installation note:

iTunes 12.7.2 for Windows may be obtained from:
https://www.apple.com/itunes/download/

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

 

TOP