The iTunes version for Windows found with a critical vulnerability, which can be used by hackers to attack vulnerable systems. Apple recommends to all iTunes users (for Windows) to inform them immediately systems through the latest update that issued the company on 7 October.
The problem started with a malicious code, which was not detected by the antivirus program, as it is considered part of its software Apple. However, the error was discovered by the company's research team Morphisec, which informed Apple. According to researchers, this is a dangerous vulnerability. Morphisec realized the exploitation of the vulnerability in August, when some attacks in automotive systems.
it is about a 'Unquoted path vulnerability', which affects iTunes for Windows, taking advantage of the Bonjour updater that comes with it.
Such vulnerabilities have been known for 15 years. However, it is difficult to locate them individually when they are on software a well-known and trusted source, such as Apple.
What happens is that Apple software itself activates it malicious software. Therefore defense mechanisms cannot act.
Bonjour is distinct from iTunes. When someone uninstalls iTunes, Bonjour still exists. Many people do not know that they have to uninstall separately. According to researchers, many users had uninstalled iTunes from them computers but not Bonjour and as a result it continues to exist and work in the background without being updated. This makes the systems vulnerable.
According to Morphisec, hackers have exploited the vulnerability to install it ransomware BitPaymer, by executing a malicious "program" file. "Bonjour tried to run the 'Program Files' folder, but because of the vulnerability ran BitPaymer ransomware under the program name." In this way, vulnerability avoids detection and bypasses defense mechanisms.
Morphisec researchers have identified many BitPaymer ransomware attacks on US Companies. "At least 15 companies in the field of finance, technology and agriculture have been attacked." The attacks usually take place at the weekend, where they are less likely to be detected. So hackers have enough time to spread ransomware to many Appliances of the targeted network.
Therefore, all users of iTunes for Windows must immediately update their systems so that they do not fall victim to ransomware attack.