iTunes has an arbitrary code execution vulnerability, potentially enabling attackers to execute malicious code. Apple has issued a security advisory to address this. The company stated it won’t discuss or confirm security issues until investigations are complete and patches are available.
iTunes for Windows Vulnerability
The vulnerability, tracked as CVE-2024-27793, is currently unclassified in severity. It affects Windows versions of iTunes prior to 12.13.1, potentially enabling the parsing of a malicious file, leading to unexpected code execution or program termination on affected devices.
Apple has implemented “improving checks” before parsing malicious files to resolve this issue, reported by Willy R. Vasquez from the University of Texas at Austin.
Recommendation
Users of Apple iTunes for Windows are urged to update to version 12.13.2 to address this issue.
A high-risk alert from CERT-In has been issued due to a severe vulnerability affecting various Apple products, including iPhones, MacBooks, iPads, and Vision Pro headsets.
This vulnerability poses a significant security risk as it could allow attackers to remotely execute arbitrary code.
To prevent threat actors from exploiting such vulnerabilities, it is recommended to upgrade Apple products to the latest versions available.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
Leave A Comment