Apple has released an update to iTunes 9.2.1 which provides stability and security improvements. This includes addressing the buffer overflow reported in CVE-2010-1777. Users and administrators should apply this update immediately.
CVE-ID: CVE-2010-1777
Available for: Mac OS X v10.4.11 or later, Windows 7, Vista, XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A buffer overflow exists in the handling of "itpc:" URLs. Accessing a maliciously crafted "itpc:" URL may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to Clint Ruoho of Laconic Security for reporting this issue.