14 DAY TRIAL // The latest variant of iTunes was recently released by Apple and besides the other bug fixes and feature additions, the 10.5.1 version comes with an important security patch that resolves a man-in-the-middle vulnerability.
Because iTunes periodically checks for updates using an HTTP request, it could have permitted an attacker to serve malicious software that would seem to originate from Apple, when they were prompted to install an update. This could have occurred in the situation where the customers didn't have the Software Update for Windows installed.
“This issue has been mitigated by using a secured connection when checking for available updates.,” reads the security update bulletin.
All users are advised to download the latest version to make sure they're protected against a potential attack that could cost them their assets.
iTunes 10.5.1.42 for Windows is available for download here.