Attackers exploit an iTunes zeroday to install ransomware [telecom]

Apple patches actively exploited flaw that let ransomware crooks evade AV protection.

By Dan Goodin

Attackers exploited a zeroday vulnerability in Apple's iTunes and iCloud programs to infect Windows computers with ransomware without triggering antivirus protections, researchers from Morphisec reported on Thursday. Apple patched the vulnerability earlier this week.

The vulnerability resided in the Bonjour component that both iTunes and iCloud for Windows relies on, according to a blog post. The bug is known as an unquoted service path, which as its name suggests, happens when a developer forgets to surround a file path with quotation marks. When the bug is in a trusted program - such as one digitally signed by a well-known developer like Apple - attackers can exploit the flaw to make the program execute code that AV protection might otherwise flag as suspicious.

formatting link

Reply to
Monty Solomon
Loading thread data ... Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.