Tech

Apple iTunes 12.11.4.15 for Windows XP, 7, 8 and 10 Download

iTunes is the easiest way to enjoy everything you need for entertainment – music, movies and TV shows – and it’s all easy to organize. Rent or buy movies, download your favorite TV shows, and more. iTunes is also home to Apple Music, where you can listen to millions of songs and your entire music library. Plus, download your favorite music and listen to it without Wi-Fi.

Functions

Forget looking through stacks of CDs or flipping through channels. iTunes hosts your entire music and video collection with one click, giving you full access to thousands of hours of digital entertainment. Browse. Organize. Play. Everything from your Mac or PC.

Browse your library by artist, album, release, year, rating – in any way convenient for you. Find what you’re looking for with a quick search that shows results as you type.

Convert CDs to digital music by importing them into iTunes. Organize your entire collection with customizable playlists.

Shuffle songs to mix your beat. Listen to music from other computers on your network. Play video using on-screen controls.

iTunes can also be used to sync your content to iPod, iPhone and other Apple devices.

Windows 7/8 users: The latest version to support Windows 8 and Windows 7 is iTunes 12.10.10.

What’s new

This update includes security improvements and adds support for new devices.

Mobile device service

  • Available for: Windows 7 and newer
  • Impact: The user may be able to access protected parts of the file system
  • Description. This issue was addressed through improved permissions logic.
  • CVE-2020-3861: Andrea Pierini (@decoder_it), Christian Danieli (@ padovah4ck)

libxslt

  • Available for: Windows 7 and newer
  • Impact: A remote attacker may be able to view confidential information
  • Description. A stack overflow issue was addressed with improved input validation.
  • CVE-2019-13118: found by OSS-Fuzz.

WebKit

  • Available for: Windows 7 and newer
  • Impact: Processing maliciously crafted web content may lead to generic cross-site scripting
  • Description. A logic issue was addressed with improved state management.
  • CVE-2019-8658: Akain working with Trend Micro’s Zero Day Initiative

WebKit

  • Available for: Windows 7 and newer
  • Impact: Processing maliciously crafted web content may lead to generic cross-site scripting
  • Description. There was a logical problem in handling document uploads. This issue was addressed through improved state management.
  • CVE-2019-8690: Sergey Glazunov of Google Project Zero

WebKit

  • Available for: Windows 7 and newer
  • Impact: Processing maliciously crafted web content may lead to arbitrary code execution
  • Description. Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2019-8644: G. Geshev working with Trend Micro’s Zero Day Initiative
  • CVE-2019-8666: Zongming Wang () and Zhe Jin (金 哲) from Qihoo 360 Technology Co. Chengdu Security Response Center Ltd.
  • CVE-2019-8669: Akain working with Trend Micro’s Zero Day Initiative
  • CVE-2019-8671: Apple
  • CVE-2019-8672: Samuel Gross of Google Project Zero
  • CVE-2019-8673: Soyeon Park and Wen Xu of SSLab at Georgia Institute of Technology
  • CVE-2019-8676: SSLab’s Soyeon Park and Wen Xu at Georgia Institute of Technology
  • CVE-2019-8677: Tencent KeenLab’s Jihui Lu
  • CVE-2019-8678: Anonymous Researcher Anthony Lai (@ darkfloyd1014) of Knownsec, Ken Wong (@wwkenwong) of VXRL, Chonghoon Shin (@ singi21a) of Theori, Johnny Yu (@straight_blast) of VX Browser Exploitation Group, Chris Chan ( @ dr4g0nfl4me) from VX Browser Exploitation Group, Phil Mock (@shadyhamsters) from VX Browser Exploitation Group, Alan Ho (@ alan_h0) from Knownsec, Byron Vai from VX Browser Exploitation
  • CVE-2019-8679: Tencent KeenLab’s Jihui Lu
  • CVE-2019-8680: Tencent KeenLab’s Jihui Lu
  • CVE-2019-8681: G. Geshev working with Trend Micro Zero Day Initiative
  • CVE-2019-8683: Lockhard of Google Project Zero
  • CVE-2019-8684: Lockhard of Google Project Zero
  • CVE-2019-8685: Akain, Dongzhuo Zhao working with ADLab from Venustech, Ken Wong (@wwkenwong) from VXRL, Anthony Lai (@ darkfloyd1014) from VXRL and Eric Lung (@ Khlung1) from VXRL
  • CVE-2019-8686: G. Geshev working with Trend Micro’s Zero Day Initiative
  • CVE-2019-8687: Apple
  • CVE-2019-8688: SSLab’s Insu Yun at Georgia Institute of Technology
  • CVE-2019-8689: Lockhard of Google Project Zero

WebKit

  • Available for: Windows 7 and newer
  • Impact: Processing maliciously crafted web content may lead to generic cross-site scripting
  • Description. There was a logical issue in handling synchronous page loads. This issue was addressed through improved state management.
  • CVE-2019-8649: Sergey Glazunov of Google Project Zero

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button