A vulnerability in iTunes and iCloud for Windows allowed computers to be hijacked


In recent years, ransomware attacks have become a headache for large companies, and not so large ones, who see how everyone data stored on infected computers is encrypted and you can’t get access to them unless you check out and pay for the password that supposedly unlocks access to the data.

Morphisec researchers detected a security flaw in both iTunes and iCloud for Windowswhich allowed the friends of others to take advantage of the vulnerability of the Bonjour application, an application that allows us to know at all times if we have new updates pending download.

Attackers have been able to exploit this vulnerability, which was not detected by antivirus since being signed by Apple It was completely safe, to carry out ransomware attacks, allowing the computer to be hijacked, its content encrypted and a key requested in exchange for a financial outlay.

Bonjour is not part of the iTunes or iCloud apps, but rather works independently, Therefore, when removing both applications, this application is still present in the system, so the number of computers that may have been exposed is very high, despite having deleted both applications.

This vulnerability was detected last August by Morphisec, when one of their clients was affected by BitPaymer ransomware. They quickly contacted the Cupertino-based company, reporting all the details about how this virus works and how it could reach that company’s computers.

If you use Windows and have iTunes installed, it is already taking time to update both iTunes and iCloud through this link. If the version of iTunes you have installed comes from the Windows Store, you just have to access it and update the application. This vulnerability does not affect computers managed by macOS.