“Evilgrade” is a toolkit that makes it easy for attackers to install malicious software by exploiting weaknesses in the auto-update feature of many popular software titles. The tool is capable of hijacking the update process of more than 60 legitimate programs. iTunes, Java, Skype, Winamp, Superantispyware, Sunbelt, Panda Antirootkit are among the 60+ applications that can be compromised by Evilgrade. Its generally a good idea to delay installing updates until youre using a network you know, trust and hopefully control.”]
Source: https://krebsonsecurity.com/2010/11/evilgrade-gets-an-upgrade/