iTunes for Windows exploit bypassed antivirus to deliver ransomware
A zero-day vulnerability in Apple’s iTunes (and iCloud) software for Windows PCs was leveraged by malicious parties to install ransomware on those machines, while bypassing any antivirus apps.
This security hole – and subsequent particularly nasty attack – has now been patched following its disclosure to Apple by security company Morphisec.
The exploit in question relied on an “unquoted path vulnerability” which isn’t often seen, Morphisec observes, although it has been found in high-profile software before now, including the Intel Management Engine and ExpressVPN (the latter as recently as July).
- New ransomware spreads via SMS
- Ransomware mutations have doubled in 2019
- This is the best free anti-ransomwa
Be the first to write a comment.