Last week Apple fixed an I-Tunes vulnerability involving the loading of "safe" file types from remote network locations. A company called Acros Security says this vulnerability works when a remote attacker plants a malicious DLL with a specific name on a network share and get the user to open a media file from this network eg using I-Tunes, requiring minimal effort by the attacker.

Microsoft Windows and about 40 applications that run on it are vulnerable to this form of attack and M$ are 'investigating'. As always, Facebook/Twitter etc users beware?