Apple software flaw enables ransomware exploit in Windows
A zero-day security flaw in Apple Software Update, which is installed alongside the iTunes and iCloud for Windows apps, allows malicious parties to install ransomware on Windows computers.
The exploit, which was discovered by security company Morphisec, allows hackers to bypass antivirus protection and install ransomware called BitPaymer.
It does this by abusing an unquoted path to "maintain persistence and evade detection", Morphisec said.
The vulnerability even affects computers that have removed iTunes and iCloud - as the Apple Software Update software remains behind even when these programs are uninstalled.
"In most cases, people are not aware that they need to uninstall the Apple Software Update component separately when uninstalling iTunes," said Morphisec.
"We were surprised by the results of an investigation that showed Apple Software Update is installed on a large number of computers across different enterprises. Many of the computers uninstalled iTunes years ago while the Apple Software Update component remains silently, un-updated, and still working in the background."
Apple has patched the vulnerability in the latest versions of iTunes and iCloud, and users of this software are encouraged to update these applications to avoid being affected by this exploit.
More News in Software
iTunes for Windows Zero-Day Exploited for Ransomware Apple iTunes included a really dumb bug, which ransomware gangs have been using to attack victims' Windows PCs. Not only that, but the vulnerability sticks around even if you
Any year in which a young man earns a living playing video games is a pretty darn good one. For 27-year-old Tyler Blevins, aka Ninja, 2018 was the
At PAX Australia 2019, CD Projekt RED confirmed off an hour of Cyberpunk 2077 gameplay, which showcased two skills in additional element: Demon Software program and Nano Wire. GameSpot was in attendance when the behind-closed-door demo
New Market Research on Global IoT Utilities Market released by Market Research Store. The study comprised of 100+ market data Graphs & Figures, Pie Chat, and Tables. The report has a detailed
Global Enterprise Mobility Management Software 2019 Market research report highlights projection of business, market growth and challenges, new innovations and opportunities, market size, trends, strategies, future roadmap and forecast to 2025 The Enterprise