Apple has shipped a new version of its iTunes media player to fix 13 security flaws that can be exploited to launch attacks against Windows machines. The patches in the new iTunes 10 covers vulnerabilities in WebKit, the open-source web browser engine. The iTunes 10 update is available Windows 7, Windows Vista and Windows XP SP2 or later, and is available for Windows 7 and Vista users with the latest version of the player. The vulnerabilities, already patched in Safari, expose Windows users to remote code execution attacks via malicious Web sites.
Source: https://threatpost.com/webkit-flaws-haunt-apple-itunes-090210/74420/

