Apple released the iTunes 12.12.9 update for Windows 10 and Windows 11 on May 23. The update fixes a privilege escalation vulnerability, and Apple recommends that users install it as soon as possible.
According to the security release notes on Apple's website, a malicious app could use a vulnerability in iTunes to elevate its privileges and install further malware on Windows 10 and Windows 11 devices. Apple fixed the vulnerability in the iTunes update released last week, and Synopsys, the security firm that discovered it, has now shared further details.
According to the Synopsys report, the details of the vulnerability are as follows:
- A flaw in how iTunes for Windows controls folder permissions allowed a local attacker to replace an application folder with a link that redirects to the Windows system directory, which could then be used to obtain a shell running with SYSTEM privileges.
- The iTunes application creates the folder SC Info under C:\ProgramData\Apple Computer\iTunes while running as the SYSTEM user, and grants Full Control on that folder to all users.
- A user running iTunes can therefore delete the SC Info folder, replace it with a link pointing to the Windows system folder, and force an MSI repair so that iTunes recreates the folder as SYSTEM through the link; the result can later be used to gain SYSTEM-level access on Windows.
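The root cause described above is a directory created by a privileged installer but writable by every user, which an unprivileged user can then swap for a junction. As an added example (not code from Apple or from the Synopsys report), the following PowerShell script audits a directory for exactly those two conditions: it lists ACEs that grant write-capable rights to broad principals, and it reports whether the path has already been replaced by a reparse point (junction or symbolic link). The default path, the list of broad principals, and the function name are assumptions chosen for illustration; the script only reports and changes nothing.

```powershell
# Added audit script (not from Apple or Synopsys). Reports whether a SYSTEM-created
# directory is writable by unprivileged principals and whether it has been replaced
# by a junction/symlink. Default path and principal list are illustrative assumptions.
param(
    [string]$Path = 'C:\ProgramData\Apple Computer\iTunes\SC Info'
)

# Principals that should not hold write-capable rights on a directory that a
# privileged process later recreates or writes into (assumed list).
$broadPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

# Rights that let an unprivileged user delete the directory or repopulate it.
$writeRights = [System.Security.AccessControl.FileSystemRights]::FullControl -bor
               [System.Security.AccessControl.FileSystemRights]::Modify -bor
               [System.Security.AccessControl.FileSystemRights]::Write -bor
               [System.Security.AccessControl.FileSystemRights]::Delete

function Test-WeakDirectoryAcl {
    param([Parameter(Mandatory)][string]$Directory)

    if (-not (Test-Path -LiteralPath $Directory)) {
        Write-Warning "$Directory does not exist; nothing to check"
        return
    }

    $item = Get-Item -LiteralPath $Directory -Force
    $findings = @()

    # 1. Has the folder been swapped for a reparse point (junction or symlink)?
    #    LinkType/Target are exposed by the FileSystem provider on PowerShell 5.1+.
    if (($item.Attributes -band [IO.FileAttributes]::ReparsePoint) -ne 0) {
        $findings += "reparse point ($($item.LinkType)): '$Directory' -> '$($item.Target)'"
    }

    # 2. Which Allow ACEs give a broad principal write-capable rights?
    $acl = Get-Acl -LiteralPath $Directory
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        $who = $ace.IdentityReference.Value
        if ($broadPrincipals -notcontains $who) { continue }
        if (($ace.FileSystemRights -band $writeRights) -ne 0) {
            $findings += "weak ACE: $who has $($ace.FileSystemRights) (inherited=$($ace.IsInherited))"
        }
    }

    [pscustomobject]@{
        Path     = $Directory
        Owner    = $acl.Owner
        Findings = $findings
        Risky    = ($findings.Count -gt 0)
    }
}

Test-WeakDirectoryAcl -Directory $Path | Format-List
```

The function can be pointed at any directory under C:\ProgramData or C:\Program Files that a SYSTEM-level installer owns, since the same pattern (privileged creation plus a permissive ACL) is what makes the junction trick work. A directory that is a reparse point while a privileged installer still writes into it is the condition to treat as an incident, not just a misconfiguration. Tightening the ACL by hand may break the application, so for iTunes the remediation the article describes, installing 12.12.9, is the one to apply.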
Synopsys first discovered the issue in September 2022 and reported it to Apple at the time. Apple confirmed the vulnerability in November 2022 and patched it in May.