Apple software flaw allows ransomware exploit on Windows PCs

[Bradley Prior]

Apple software flaw allows ransomware exploit on Windows PCs

A zero-day security flaw in Apple Software Update, which is installed alongside the iTunes and iCloud for Windows apps, allows malicious parties to install ransomware on Windows computers.

The exploit, which was discovered by security company Morphisec, allows hackers to bypass antivirus protection and install ransomware called BitPaymer.

 

[My_King]

Ah ****, here we go again

 

[Happy Days]

Now that's just annoying. When you uninstall a program, all of it should be gone unless you have manually selected to keep certain parts of it.

 

[r00igev@@r]

iTunes - worst software on the planet!

 

[mercurial]

A Morphi discovered it.

 

[mercurial]

The vulnerability even affects computers that have removed iTunes and iCloud – as the Apple Software Update software remains behind even when these programs are uninstalled.

“In most cases, people are not aware that they need to uninstall the Apple Software Update component separately when uninstalling iTunes,” said Morphisec.

“We were surprised by the results of an investigation that showed Apple Software Update is installed on a large number of computers across different enterprises. Many of the computers uninstalled iTunes years ago while the Apple Software Update component remains silently, un-updated, and still working in the background.”

Apple has patched the vulnerability in the latest versions of iTunes and iCloud, and users of this software are encouraged to update these applications to avoid being affected by this exploit.

 

[_TrXtR_]

High prices because 'Quality'

 

[mercurial]

Apple Safari browser may send your browsing data to Chinese company Tencent