Apple has released a new version of iTunes for Windows with patches that mitigate several security vulnerabilities, including issues in WebKit and Mobile Device Service.
iTunes for Windows
The iTunes 12.12.4, released on Wednesday, contains at least five fixes for security flaws in Apple's underlying software. Users can download the update from the Windows Store or Apple's website.
iTunes 12.12.4 specifically fixes issues in AppleGraphicsControl that could lead to arbitrary code execution, an issue in ImageIO that could cause unexpected application termination, and an iTunes vulnerability that could allow an attacker to elevate their privileges.
An issue with Mobile Device Service could have allowed attackers to delete files without the necessary permissions, and a WebKit flaw could allow arbitrary code execution through maliciously crafted web content. Both of those flaws have also been fixed.
Other information about the fixed vulnerabilities can be found on Apple's website.
None of the flaws appear to have been exploited in the wild, but an update is still recommended.