Apple has released a new version of iTunes for Windows with patches that mitigate several security vulnerabilities, including issues in WebKit and Mobile Device Service.
iTunes 12.12.4 specifically fixes issues in AppleGraphicsControl that could lead to arbitrary code execution, an issue in ImageIO that could cause unexpected application termination, and an iTunes vulnerability that could allow an attacker to elevate their privileges.
An issue with Mobile Device Service could have allowed attackers to delete files without the necessary permissions, and a WebKit flaw could allow arbitrary code execution through maliciously crafted web content. Both of those flaws have also been fixed.
Other information about the fixed vulnerabilities can be found on Apple's website.
None of the flaws appear to have been exploited in the wild, but an update is still recommended.