Apple iTunes crashed causing Windows computers to be infected, deleted applications for several years still affected

The iTunes and iCloud applications on a Windows computer exist a vulnerability that allows bad guys to bypass virus removal and malware installations. The bug only affects iTunes and iCloud versions for Windows computers and Mac computers.

If exploited successfully, bad guys can avoid the security fence on the computer and install ransomware to encrypt the hard drive on the victim's computer, then demand a ransom.

According to security company Morp4ec, the cause of the problem lies in an important component of the creation of two iTunes and iCloud applications on Windows called Bonjour. Links to files that have been 'forgotten' by the developers are not enclosed in quotation marks. This has allowed bad guys to spread ransomware.

Often, ransomware will be blocked by anti-virus applications. But when run under the guise of being an Apple application, they will bypass anti-virus applications. Taking advantage of this, the bad guy installed a ransomware named BitPaymer.

This bug has been patched by Apple in iTunes updates 12.10.1 and iCloud 7.14. However, for Windows computers that have installed these two software before, this patch cannot fully address the vulnerability.

According to Morp4ec, after installation, Bonjour will separate as a separate software. So many computers have removed iTunes many years ago but Bonjour is still there and works in the background, even updated continuously. To remove Bonjour, users must remove it separately.

1. Google discovered a dangerous zero day vulnerability on many Samsung Galaxy, Huawei, Xiaomi and even Pixel phones
2. Serious vulnerability discovered to allow jailbreak iPhone 4s to iPhone X permanently, Apple can not patch?