A zero-day security flaw in Apple Software Update, which is installed alongside the iTunes and iCloud for Windows apps, allows malicious parties to install ransomware on Windows computers.
The exploit, which was discovered by security company Morphisec, allows hackers to bypass antivirus protection and install ransomware called BitPaymer.
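It does this by abusing an unquoted path to “maintain persistence and evade detection”, Morphisec said. When a path that contains spaces is not wrapped in quotation marks, Windows may resolve it to a different executable than the one intended.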
The vulnerability even affects computers from which iTunes and iCloud have been removed, because Apple Software Update remains installed even when these programs are uninstalled.
“In most cases, people are not aware that they need to uninstall the Apple Software Update component separately when uninstalling iTunes,” said Morphisec.
“We were surprised by the results of an investigation that showed Apple Software Update is installed on a large number of computers across different enterprises. Many of the computers uninstalled iTunes years ago while the Apple Software Update component remains silently, un-updated, and still working in the background.”
Apple has patched the vulnerability in the latest versions of iTunes and iCloud, and users of this software are encouraged to update these applications to avoid being affected by this exploit.
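For administrators who want to check their own machines for the unquoted-path weakness described above, the following added example (not code from Morphisec or Apple) flags command lines whose executable path contains spaces but no quotes, lists the extra locations Windows would try first so they can be verified absent, and prints the quoted form. The service names and paths are constructed for illustration; on a real host the input would come from the services' configured image paths.

```python
import re

# End of the executable in an unquoted command line: the first
# .exe/.com/.bat/.cmd that is followed by whitespace or end of string.
_EXE_END = re.compile(r"\.(?:exe|com|bat|cmd)(?=\s|$)", re.IGNORECASE)


def _split(command_line):
    """Split an unquoted command line into (executable_path, arguments)."""
    cmd = command_line.strip()
    m = _EXE_END.search(cmd)
    end = m.end() if m else len(cmd)  # no known extension: whole string is the path
    return cmd[:end], cmd[end:]


def ambiguous_candidates(command_line):
    """Locations Windows may try before the intended binary; [] if unambiguous."""
    if command_line.strip().startswith('"'):
        return []  # quoted paths are resolved exactly as written
    exe, _ = _split(command_line)
    # Each space in an unquoted path is a possible end of the program name.
    return [exe[:i] + ".exe" for i, ch in enumerate(exe)
            if ch == " " and i > 0 and exe[i - 1] != " "]


def quoted_form(command_line):
    """Return the command line with the executable path wrapped in quotes."""
    if command_line.strip().startswith('"'):
        return command_line.strip()
    exe, args = _split(command_line)
    return f'"{exe}"{args}'


def audit(services):
    """Map service name -> candidate list for every unquoted path with spaces."""
    return {name: c for name, path in services.items()
            if (c := ambiguous_candidates(path))}


# Constructed sample data (hypothetical service names and paths).
SAMPLE_SERVICES = {
    "ExampleUpdater": r"C:\Program Files (x86)\Example Vendor\Updater\updater.exe /service",
    "QuotedAgent": r'"C:\Program Files\Example Agent\agent.exe" --run',
    "SvcHost": r"%SystemRoot%\System32\svchost.exe -k netsvcs",
}

if __name__ == "__main__":
    for name, candidates in audit(SAMPLE_SERVICES).items():
        print(name, "-> verify absent:", candidates)
        print("  fix:", quoted_form(SAMPLE_SERVICES[name]))
```

Only the first sample entry is reported: the second is already quoted, and the third has spaces only in its arguments, not in the executable path.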