Posted by Apple Product Security on Mar 29

APPLE-SA-2017-03-28-2 Additional information for
APPLE-SA-2017-03-22-1 iTunes for Windows 12.6

iTunes for Windows 12.6 addresses the following:

APNs Server
Available for: Windows 7 and later
Impact: An attacker in a privileged network position can track a
user’s activity
Description: A client certificate was sent in plaintext. This issue
was addressed through improved certificate handling.
CVE-2017-2383: Matthias Wachs and Quirin Scheitle…