Attackers exploit an “unquoted path” flaw in the Bonjour updater in iTunes for Windows to deliver ransomware attacks.

A zero-day vulnerability found in Apple iTunes and iCloud was exploited by cybercriminals to infect the Windows computers of an automotive company with the BitPaymer ransomware. The attack was reportedly not detected by antivirus solutions. According to Morphisec security researchers, the exploited vulnerability was found in the Bonjour component that iTunes and iCloud programs for Windows use to deliver software updates. Morphisec immediately disclosed the attack to Apple, which has recently patched the vulnerability in an iCloud for Windows update. While Apple will be sunsetting iTunes on Macs after the release of macOS Catalina earlier this week, Apple device users with Windows desktops will still need to rely on iTunes for the foreseeable future.

This vulnerability, which occurs when a file path is left without quote marks, can allow cybercriminals to execute arbitrary code without tipping off antivirus solutions because it resides within a trusted program.

Because Bonjour is a signed program, cybercriminals took advantage of the unquoted service path vulnerability to run the BitPaymer ransomware that they named “Program.” Normally, the Bonjour component runs from the “Program Files” folder. BitPaymer also managed to evade cybersecurity detection because it did not have the .exe extension.
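To audit for this class of flaw, the following added example (not from the original article, Morphisec, or Apple) flags unquoted service command lines and lists the shorter paths Windows may resolve before the intended binary. The service names and paths are constructed; on a real host the values would come from each service's ImagePath registry value.

```python
import re

# Constructed sample ImagePath values (not from the article or a real install).
SAMPLE_SERVICES = {
    "ExampleUpdater": r"C:\Program Files\Example Vendor\Update Service\updater.exe -svc",
    "QuotedService": r'"C:\Program Files\Example Vendor\agent.exe" --run',
    "NoSpaces": r"C:\Windows\System32\svchost.exe -k netsvcs",
    "SpaceOnlyInArgs": r"C:\Tools\agent.exe --config C:\My Data\a.ini",
}

# First executable extension followed by whitespace or end of string.
EXE_EXT = re.compile(r"\.(exe|com|bat|cmd)(?=\s|$)", re.IGNORECASE)

def executable_part(image_path):
    """Return the command line up to and including the executable name."""
    m = EXE_EXT.search(image_path)
    return image_path[:m.end()] if m else image_path

def hijack_candidates(image_path):
    """List shorter paths Windows may try before the intended binary.
    Empty when the path is quoted or its executable part has no spaces."""
    path = image_path.strip()
    if path.startswith('"'):
        return []
    parts = executable_part(path).split(" ")
    # Every prefix that ends at a space is a name the loader can resolve first.
    return [" ".join(parts[:i]) for i in range(1, len(parts))]

def audit(services):
    """Map service name to candidate paths for each unquoted path at risk."""
    findings = {}
    for name, image_path in services.items():
        candidates = hijack_candidates(image_path)
        if candidates:
            findings[name] = candidates
    return findings

def quoted(image_path):
    """Return the remediated value with the executable part in quotes."""
    path = image_path.strip()
    if path.startswith('"'):
        return path
    exe = executable_part(path)
    return f'"{exe}"' + path[len(exe):]

if __name__ == "__main__":
    for name, paths in audit(SAMPLE_SERVICES).items():
        print(name, "check for unexpected files at:", paths)
        print("  fix:", quoted(SAMPLE_SERVICES[name]))
```

When reviewing a finding, check each listed location both as named and with .exe appended; the file in the attack described above was named “Program” with no extension.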

It should be noted that this vulnerability only affects users of iTunes and iCloud on the Windows platform, as iTunes no longer exists for Mac users with the emergence of macOS Catalina. This Windows vulnerability was patched by Apple earlier this week.

How to defend against zero-day attacks?

Zero-day vulnerabilities present serious security risks, leaving you susceptible to zero-day attacks, which can result in potential damage to your computer or personal data.

To keep your computer and data safe, it’s smart to take proactive and reactive security measures.

Your first line of defense is to be proactive by using comprehensive security software, like Norton Security, that protects against both known and unknown threats.

Your second line of defense is to be reactive and immediately install new software updates when they become available from the manufacturer to help reduce the risk of malware infection.

Software updates allow you to install necessary revisions to the software or operating system. These might include adding new features, removing outdated features, updating drivers, delivering bug fixes, and most important, fixing security holes that have been discovered.

Follow this security checklist to be sure you are doing everything you can to help keep your information protected from the security risks associated with zero-day vulnerabilities:

  • Keep software and security patches up to date by downloading the latest software releases and updates. Installing security patches fixes bugs that the previous version may have missed.
  • Establish safe and effective personal online security habits.
  • Configure security settings for your operating system, internet browser, and security software.
  • Install proactive, comprehensive security software to help block known and unknown threats that target vulnerabilities.

Things to remember about zero-day vulnerabilities

  1. Keep your software up-to-date to help protect yourself against a zero-day vulnerability. 
  2. Check for a solution when a zero-day vulnerability is announced. Most software vendors work quickly to patch a security vulnerability. 
  3. Don’t underestimate the threat. Cybercriminals will seek to exploit security holes and gain access to your devices and your personal information. They can use your information for a range of cybercrimes including identity theft, bank fraud, and ransomware. 
  4. Always use reliable security software to help keep your devices safe and secure.

By admin
