Home Tags ITunes 12

Tag: iTunes 12

Apple, Microsoft, and Adobe all have fixes galore to test and install Security patches for Windows, macOS, iOS and other Apple firmware, and a host of Adobe products, were emitted this week. The final scheduled patch dump of the year sees Microsoft deliver fixes for multiple products, while Apple has security updates for iOS, macOS, Safari, and iTunes, and Adobe patches nine products including Flash Player and InDesign. Redmond's holiday fixes The December edition of Patch Update Tuesday will see a dozen bulletins from Microsoft to address security holes in both of its browsers as well as Windows, Office, and the .NET Framework. MS16-144 is a cumulative update for Internet Explorer to address a total of eight CVE-listed vulnerabilities that allow for web pages to perform remote code execution, data disclosure, and security bypass attacks. MS16-145 is the cumulative update for the Edge browser.
It addresses 11 flaws that could allow remote code execution and information disclosure. MS16-146 is a patch for the Microsoft Graphics Component in Windows.
It addresses three CVE-listed flaws that would allow for a malformed webpage or document to remotely execute code and harvest user information. MS16-147 fixes a bug in Windows Uniscribe that allows web pages and documents to perform remote code execution via an error in the handling of objects in memory. MS16-148 remedies 13 CVE-listed flaws in Office, including remote code execution, information disclosure, and security bypass holes.

The update is being posted for Office 2007, 2010, 2013, 2013 RT, 2016, and both versions of Office for Mac. MS16-149 covers an information disclosure hole in Windows Crypto Driver and an elevation of privilege vulnerability in the Windows Installer component.

To exploit the flaws, the victim would need to run either a specially crafted application or load an insecure library. MS16-150 addresses a single elevation of privilege flaw in the Windows Secure Kernel that could allow a malicious application to circumvent virtual trust level protections. MS16-151 fixes two elevation of privilege flaws in the Windows Kernel-Mode Driver. MS16-152 is an information disclosure bug in Windows Kernel that could allow a malicious application to harvest personal data. MS16-153 patches a single CVE-listed flaw in the Windows Common File Log system that could allow information disclosure to a malicious application. MS16-154 is Microsoft's release of the Adobe Flash Player update for Edge and Internet Explorer.
It addresses a total of 17 CVE-listed flaws. MS16-155 patches an information disclosure vulnerability in the .NET Framework. Meanwhile, in Cupertino... Apple has kicked off the week with a bundle of security updates on consecutive days.

The releases address flaws in iOS and macOS, as well as a number of Apple products for Windows. iOS 10.2 update brings with it fixes for 64 different CVE-listed vulnerabilities in the core components of iOS itself, as well as the built-in Safari browser and the WebKit browser engine.

The update can be downloaded from the iOS Software Update tool. macOS Sierra 10.12.2 includes patches to address 72 flaws, including the WebKit and Safari vulnerabilities. Safari 10.0.2 will be released for those Macs not yet on Sierra.
It contains fixes for 23 vulnerabilities in the WebKit engine and a patch for a cross-site scripting bug in the Safari reader. tvOS 10.1 will be pushed out for the AppleTV set-top box and contains patches for 49 CVE-listed flaws, 23 of those being WebKit fixes. iTunes 12.5.4 for Windows PCs brings with it 23 patches for WebKit. iCloud for Windows 6.1 remedies the 23 WebKit vulnerabilities as well as an information disclosure hole in the iCloud desktop software for Windows 7 and later. And who can forget Adobe? The media software giant chose to deliver nine updates of its own to close out the year, including its monthly Flash Player bug fix parade. Adobe Flash Player, also known as "the internet's screen door," will see 17 CVE-listed bugs patched this month for Windows, macOS, and Linux versions.
Systems running Google Chrome, Microsoft Edge, and Internet Explorer 11 or later should get the update automatically through their browser. Adobe Animate has been updated to plug a single memory corruption flaw. Adobe Experience Manager Forms will get fixes for a pair of cross-site scripting vulnerabilities. Adobe DNG Converter on Windows and Mac has been patched for a critical memory corruption vulnerability. Adobe Experience Manager is updated to protect against four cross-site scripting vulnerabilities. Adobe InDesign is now protected from a critical memory corruption vulnerability in Windows and macOS. ColdFusion Builder on Windows, macOS and Linux has been updated to address an information disclosure vulnerability. Adobe Digital Editions has been patched to address two information disclosure leaks on the Windows, macOS and Android versions of the reader software. Adobe RoboHelp has received an update to remedy a single cross-site scripting vulnerability. Users and administrators are advised to test and apply the updates as soon as possible. ® Sponsored: Flash enters the mainstream.
Visit The Register's storage hub
Microsoft® Windows OS vulnerabilities appear to be stabilising after year-long decrease, while non-Windows application vulnerabilities still on the riseMaidenhead, U.K. – 01 November, 2016 – The percentage of unpatched Microsoft Windows operating systems on private PCs seems to be stabilising after a year of steady decline.

But the level of unpatched non-Windows applications on private PCs continues to rise. These conclusions can be drawn from just-released Country Reports covering Q3 2016 for 12 countries, published by Secunia Research at Flexera Software, the leading provider of Software Vulnerability Management Solutions.

The reports provide status on vulnerable software products on private PCs in 12 countries, listing the vulnerable applications and ranking them by the extent to which they expose those PCs to hackers. Key Findings in the U.K.

Country Report Include
: 6.4 percent of users had unpatched Windows operating systems in Q3 of 2016, up from 5.4 percent in Q2 of 2016 and down from 7.9 percent in Q3, 2015. 12.8 percent of users had unpatched non-Microsoft programmes in Q3, 2016, up from 12.6 percent in Q2 of 2016 and 11.3 percent in Q3 of 2015. The top three most exposed programmes for Q3, 2016 were Oracle Java JRE 1.8.x / 8.x. (45 percent unpatched, 41 percent market share, 57 vulnerabilities), Apple iTunes 12.x (44 percent unpatched, 39 percent market share, 50 vulnerabilities), and VLC Media Player 2.x (45 percent unpatched, 36 percent market share, 7 vulnerabilities). Level of Unpatched Windows Operating Systems StabilizingThough the level of unpatched private PC Windows operating systems may tick up or down from quarter to quarter, it appears to be stabilising at lower levels compared to this time last year.

Time will tell whether this trend continues, but Microsoft’s recent announcement moving to a roll-up model for Windows 7 SP1, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2 updates may help. Microsoft says all supported versions of Windows will now follow a similar update servicing model, bringing a more consistent and simplified servicing experience. “We will be tracking this closely to determine whether the recent declines in unpatched Windows operating systems are a blip or indicative of a long term trend,” said Kasper Lindgaard, Director of Secunia Research at Flexera Software. “If it is a trend, the consumer will ultimately benefit by the reduced attack surface that hackers can exploit within the Windows OS.” The Attack Surface for Non-Microsoft Applications Continues to GrowThe security news was not all rosy for private PC users.

The level of unpatched non-Microsoft programmes continues its upward trend.

The reasons are likely due to the process consumers must utilise to implement security patches. Microsoft is standardising its patch process and automation across its entire application portfolio.
In contrast, each non-Microsoft vendor may have its own patch process – requiring the user to be much more knowledgeable and diligent.

And according to the 2016 Vulnerability Review, non-Microsoft programs represent 60 percent of the applications on a computer. “Most users do not devote the time and attention necessary to keep up-to-date with the latest security patches across all the applications on their PCs.

And for non-Windows applications, it takes more effort,” added Lindgaard. “This why automated patch management systems like Corporate Software Inspector for enterprises, and Personal Software Inspector for consumers, are so important.” The 12 Country Reports are based on data from scans by Personal Software Inspector between July 1, 2016 and September 30, 2016. - # # # - Resources:Download the Q3 2016 Country Reports Learn more about: Follow us onAbout Flexera SoftwareFlexera Software helps application producers and enterprises increase application usage and security, enhancing the value they derive from their software. Our software licensing, compliance, cybersecurity and installation solutions are essential to ensure continuous licensing compliance, optimised software investments, and to future-proof businesses against the risks and costs of constantly changing technology.

A marketplace leader for more than 25 years, 80,000+ customers turn to Flexera Software as a trusted and neutral source of knowledge and expertise, and for the automation and intelligence designed into our products.

For more information, please go to: www.flexerasoftware.com. For more information, contact:Vidushi Patel/ Nicola MalesVanilla PRprflexera@vanillapr.co.uk+44 7958474632 / +447976652491 *All third-party trademarks are the property of their respective owners.

This update resolves an issue where playlist changes made on other devices may not appear in iTunes.
Languages Download icon This iTunes installer is only for Windows 7 and later on 64 bit systems that are unable to support iTunes video playback requirements on older and low end video cards. Only use this installer if you were directed to this page by the below alert message from iTunes 12.2 or later.  Using this installer on an incorrect system may prevent your system from getting the correct iTunes installer in the future.” If you haven’t already, try using the recommended installer first.  http://www.apple.com/itunes/download/ If you were directed to this page by an alert from iTunes, follow these steps: Download the iTunes installer to your Windows desktop Locate the iTunes64Setup.exe and double click to run the installer Install as you normally would. Your iTunes library will not be affected. 

Download iTunes 12.5.5

iTunes 12.5.4This update adds support for the new TV app on iPhone, iPad, iPod touch, and Apple TV.  And with Touch Bar on the new MacBook Pro, use the scrubber to easily go to different parts of songs, movies, TV shows, and more.It also includes minor app and performance improvements.