CYBER NEWS

uTorrent Vulnerability Could Be Exploited by Any Website

One of the most popular BitTorrent apps – uTorrent – has been found to be vulnerable to easily exploited flaws that could allow hackers to perform a variety of malicious actions. More specifically, two versions of the app are vulnerable to code execution that could lead to access to the victim’s downloaded files.

The finding belongs to Google Project Zero researcher Tavis Ormandy. Currently, the developers of uTorrent are working on releasing fixes for the desktop Windows app and the Web version as well.

Related Story: uTorrent Bundled with a Crypto-Currency Mining Tool Called Epic Scale

How Do the uTorrent Bug Endanger Users?

According to the research, the vulnerabilities enable any website the potential victim visits to control important functionalities in the both the desktop and web versions of uTorrent. The Web uTorrent is an alternative to the desktop version that uses a Web interface and is controlled by the particular browser. The most dangerous case is brought by malicious websites that can exploit a variety of flaws, the uTorrent bugs inclusive.

In this case, a malicious site leveraging the flaw could download malevolent code into the Windows startup folder. Once this is done, the code will be activated the next time the system is booted. In addition to malicious sites, any other website could also leverage the flaw by accessing downloaded files and even browse freely through the downloaded history of the victimized machine.

Related Story: Severe DLL Hijacking Flaw in Skype Won’t Be Patched by Microsoft

Users Should Download uTorrent/BitTorrent 3.5.3.44352

According to Dave Rees, the VP of engineering of BitTorrent, the flaw has been addressed in a beta release of the desktop version of uTorrent. However, the fix is yet to be delivered to users who already have the production version installed on their systems. Nonetheless, users can still download the fixed version of uTorrent – uTorrent/BitTorrent 3.5.3.44352.”We highly encourage all uTorrent Web customers to update to the latest available build 0.12.0.502 available on our website and also via the in-application update notification,” the VP said.

Milena Dimitrova

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the beginning. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...