APPLE-SA-2018-10-30-13 Additional information for APPLE-SA-2018-9-24-2 iTunes 12.9 for Windows

Posted by Apple Product Security on Oct 31APPLE-SA-2018-10-30-13 Additional information for
APPLE-SA-2018-9-24-2 iTunes 12.9 for Windows

iTunes 12.9 for Windows addresses the following:

CFNetwork
Available for: Windows 7 and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro’s Zero
Day Initiative…

Link: http://seclists.org/bugtraq/2018/Oct/55