CVE-2017-7053

Name of the Vulnerable Software and Affected Versions iTunes versions prior to 12.6.2

Description The issue involves the iTunes component and is related to insufficient access control in the multimedia player. It allows attackers to execute arbitrary code in a privileged context via a crafted app. This can be exploited by a remote attacker to gain elevated privileges.

Recommendations For versions prior to 12.6.2, update to version 12.6.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the iTunes component until a patch is applied. Avoid installing crafted or untrusted apps to minimize the risk of exploitation.