Apple has shipped a critical security patch for its iTunes media player to fix several gaping security holes that expose Windows users to hacker attacks. The vulnerabilities could be exploited to launch remote code execution attacks if a user simply opens an image file or surfs to a rigged Web site. The update applies to Windows 7, Windows Vista and Windows XP machines. In all, the new iTunes 9.2 fixes 40 documented vulnerabilities, most affecting the WebKit rendering engine. The WebKit vulnerabilities are the same that affected Apple s Safari browser.
Source: https://threatpost.com/webkit-security-flaws-haunt-apple-itunes-061710/74117/