An issue was discovered in certain Apple products. iTunes before 12.6.2 on Windows is affected. The issue involves the "iTunes" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.
Apple Security Advisory 2017-07-19-6 - iTunes 12.6.2 is now available and addresses code execution, information disclosure, and various other vulnerabilities.