Affected applications include the iTunes music player version 5, RealPlayer 10.5, Kaspersky Anti-Virus for Windows File Servers 5.0, VMWare 5.0.0 and Microsoft Antispyware 1.0.509 (Beta 1).
The flaw affects the 'CreateProcess' software which is used to launch a function within an application.
The function searches multiple paths on a system for the information, which could allow an attacker to place a specially crafted program in one of these locations and simply wait for it to executed.
Apple said in a security advisory on its website that this is happening with iTunes 5 when a user launches the help file. The company advises users to upgrade to the current version 6 of the software, which is not affected by the flaw.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago