The iTunes Interface This is the main iTunes interface. Most of the useful functions can be reached from one interface. At the top left of the window there are the playback controls allowing you to click back and forth through songs and play or pause the songs. To the right of this is the volume control for iTunes.
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.
For more information about security, see the Apple Product Security page. You can encrypt communications with Apple using the Apple Product Security PGP Key.
IPhone User Guide for iOS 11.4. 2017 More ways to shop: Visit an Apple Store, call 1-800-MY-APPLE, or find a reseller. Choose your country or region. ITunes is the world's easiest way to organize and add to your digital media collection. We are unable to find iTunes on your computer. To download from the iTunes Store, get iTunes now.
Apple security documents reference vulnerabilities by CVE-ID when possible.
iTunes 12.7.4 for Windows
Released March 29, 2018
Security
Available for: Windows 7 and later
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size validation.
CVE-2018-4144: Abraham Masri (@cheesecakeufo)
WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
CVE-2018-4101: Yuan Deng of Ant-financial Light-Year Security Lab
CVE-2018-4114: found by OSS-Fuzz
CVE-2018-4118: Jun Kokatsu (@shhnjk)
CVE-2018-4119: an anonymous researcher working with Trend Micro's Zero Day Initiative
CVE-2018-4120: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team
CVE-2018-4121: Natalie Silvanovich of Google Project Zero
CVE-2018-4122: WanderingGlitch of Trend Micro’s Zero Day Initiative
CVE-2018-4125: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4127: an anonymous researcher working with Trend Micro's Zero Day Initiative
CVE-2018-4128: Zach Markley
CVE-2018-4129: likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative
CVE-2018-4130: Omair working with Trend Micro's Zero Day Initiative
CVE-2018-4161: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4162: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4163: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4165: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team
WebKit
Available for: Windows 7 and later
Impact: Unexpected interaction with indexing types causing an ASSERT failure
Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks.
Itunes User Manual Download
CVE-2018-4113: found by OSS-Fuzz
WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to a denial of service
Description: A memory corruption issue was addressed through improved input validation.
CVE-2018-4146: found by OSS-Fuzz
WebKit
Available for: Windows 7 and later
Impact: A malicious website may exfiltrate data cross-origin
Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation.
CVE-2018-4117: an anonymous researcher, an anonymous researcher
WebKit
Available for: Windows 7 and later
Impact: Unexpected interaction causes an ASSERT failure
Description: This issue was addressed with improved checks.
CVE-2018-4207: found by OSS-Fuzz
Entry added May 2, 2018
WebKit
Available for: Windows 7 and later
Impact: Unexpected interaction causes an ASSERT failure
Description: This issue was addressed with improved checks.
CVE-2018-4208: found by OSS-Fuzz
Entry added May 2, 2018
WebKit
Available for: Windows 7 and later
Impact: Unexpected interaction causes an ASSERT failure
Description: This issue was addressed with improved checks.
CVE-2018-4209: found by OSS-Fuzz
Entry added May 2, 2018
WebKit
Available for: Windows 7 and later
Impact: Unexpected interaction with indexing types caused a failure
Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.
Segawoot doorbell manual download. Download the Manual - Ring Video Doorbell 2 Ring products are designed for easy setup and use. To find the user manual for your Ring Video Doorbell 2 in your language, select it in the list below. Click here for the North American English version of the manual. Download the Manual - Ring Video Doorbell Ring products are designed for easy setup and use. To find the user manual for your Ring product in your language, select it in the list below. Click here for the North American version of the manual.
CVE-2018-4210: found by OSS-Fuzz
Entry added May 2, 2018
WebKit
Available for: Windows 7 and later
Itunes 12.7.3 Download
Impact: Unexpected interaction causes an ASSERT failure
Description: This issue was addressed with improved checks.
CVE-2018-4212: found by OSS-Fuzz
Entry added May 2, 2018
WebKit
Available for: Windows 7 and later
Impact: Unexpected interaction causes an ASSERT failure
Description: This issue was addressed with improved checks.
CVE-2018-4213: found by OSS-Fuzz
Entry added May 2, 2018
Freeware
Windows
265 MB
Your music, movies, TV shows, apps, and more. The best way to follow your favorite artists and friends — and discover the music they’re talking about, listening to, and downloading. iTunes is home to everything that entertains you.
Features:
Forget rifling through stacks of CDs or flipping through channels. iTunes puts your entire music and video collection a mere click away, giving you an all-access pass to thousands of hours of digital entertainment. Browse. Organize. Play. All from your Mac or PC.
View your library by artist, album, episode, year, rating — any way you want. Find what you’re looking for with a quick search that reveals results as you type.
Turn CDs into digital music by importing them to iTunes. Organize your entire collection with custom playlists.
Shuffle songs to mix up your groove. Listen to music from other computers on your network. Play video using onscreen controls.
iTunes can also be used to sync your content on your iPod, iPhone, and other Apple devices.
What's New:
libxslt
Available for: Windows 7 and later
Impact: A remote attacker may be able to view sensitive information
Description: A stack overflow was addressed with improved input validation.
CVE-2019-13118: found by OSS-Fuzz
WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to universal cross site scripting
Description: A logic issue was addressed with improved state management.
CVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative
WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to universal cross site scripting
Description: A logic issue existed in the handling of document loads. This issue was addressed with improved state management.
CVE-2019-8690: Sergei Glazunov of Google Project Zero
WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
CVE-2019-8644: G. Geshev working with Trend Micro's Zero Day Initiative
CVE-2019-8666: Zongming Wang (王宗明) and Zhe Jin (金哲) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd.
CVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative
CVE-2019-8671: Apple
CVE-2019-8672: Samuel Groß of Google Project Zero
CVE-2019-8673: Soyeon Park and Wen Xu of SSLab at Georgia Tech
CVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech
CVE-2019-8677: Jihui Lu of Tencent KeenLab
CVE-2019-8678: an anonymous researcher, Anthony Lai (@darkfloyd1014) of Knownsec, Ken Wong (@wwkenwong) of VXRL, Jeonghoon Shin (@singi21a) of Theori, Johnny Yu (@straight_blast) of VX Browser Exploitation Group, Chris Chan (@dr4g0nfl4me) of VX Browser Exploitation Group, Phil Mok (@shadyhamsters) of VX Browser Exploitation Group, Alan Ho (@alan_h0) of Knownsec, Byron Wai of VX Browser Exploitation
CVE-2019-8679: Jihui Lu of Tencent KeenLab
CVE-2019-8680: Jihui Lu of Tencent KeenLab
CVE-2019-8681: G. Geshev working with Trend Micro Zero Day Initiative
CVE-2019-8683: lokihardt of Google Project Zero
CVE-2019-8684: lokihardt of Google Project Zero
CVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL
CVE-2019-8686: G. Geshev working with Trend Micro's Zero Day Initiative
CVE-2019-8687: Apple
CVE-2019-8688: Insu Yun of SSLab at Georgia Tech
CVE-2019-8689: lokihardt of Google Project Zero
WebKit
Itunes 12.7.4 User Manual Download
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to universal cross site scripting
Description: A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management.
CVE-2019-8649: Sergei Glazunov of Google Project Zero
Recent Apple iTunes for Windows news
130 votes
Multimedia player that supports a variety of different video codecs and formats.
Freeware
Windows
41 votes
Millions of tracks, any time you like. Just search for it in Spotify, then play it. Just help yourself to whatever you want, whenever you want it.
Freeware
Windows/macOS/Android
196 votes
A highly portable and popular multimedia player for multiple audio and video formats.