Apple has released iTunes 9.2.1 to address a vulnerability. This vulnerability is due to improper handling of itpc URLs. itpc is the protocol used by Apple iTunes for handling podcasts. By convincing a user to access a specially crafted itpc URL, an attacker may be able to execute arbitrary code or cause a denial-of-service condition.
US-CERT encourages users and administrators to review Apple article HT4263 and update to iTunes 9.2.1 to help mitigate the risks associated with this vulnerability.