Detects two serious vulnerabilities on uTorrent that can help hackers execute malicious code or view download history on your computer
Google Zero project researchers have discovered two serious Remote Code Execution vulnerabilities in the popular versions of uTorrent web and desktop versions of BitTorrent. Hackers can take advantage of these two vulnerabilities to view the history of downloading or executing malware on a user's computer.
Security researcher Tavis Ormandy had to wait 90 since he notified uTorrent to announce his findings to users.
Tavis Ormandy's announcement on Twitter.
According to Ormandy, uTorrent's desktop version and web version vulnerabilities are related to various JSON-RPC issues. Both use a web interface to display web content.
By hiding commands (downloading malware to your computer's startup folder or accessing user download information) within web pages and interacting with uTorrent's RPC servers, An attacker with a fake website can exploit the client side vulnerability.
BitTorrent said the vulnerability was fixed in the most recent beta version of the desktop uTorrent Windows app. A patch for existing customers will be released in the next few days.
To fix this vulnerability, users can download a vulnerable version of the desktop version 3.5.3.44352 (http://www.utorrent.com/downloads/complete/track/beta/os/win) .
See more:
- The source code for iOS is revealed on GitHub as 'real goods', this is the time to reveal the biggest information in history
- How to protect high-risk network ports?
- Microsoft released an emergency patch for Windows, turned off the Specter patch, causing a drop in system performance
- Critical vulnerabilities discovered in Framework Electron, Skype, Slack, Twitch and a series of affected apps
You should read it
- Critical error on Skype allows hackers to execute malicious code remotely
- Detects code execution vulnerabilities in WinRAR, noting more than 100 infringement cases
- Microsoft expert discovered a series of serious code execution errors in IoT, OT devices
- Download uTorrent 3.5.5.45798
- Hacker exploited three vulnerabilities in Microsoft Office to spread Zyklon malware
- Signs that your computer is infected with malware
- Warning of new malware appear like Wannacry, capable of deleting Vietnamese percussion on computer
- CertUtil.exe allows an attacker to download malicious code and bypass antivirus software
May be interested
- Signs that your computer is infected with malwaremalware, also known as malware, is harmful files, they often come from installing pirated software or you unintentionally download them from the internet. to detect malicious code on your computer, you need to carefully check everything on your computer.
- How to automatically turn off the computer when downloading files on uTorrenton the utorrent software, the torrent file has the feature to automatically turn off the computer after downloading the file and the user does not need to wait to turn off the computer.
- Discovered a group of hackers who use secret code to spy on 21 countriesa group of secret hackers specialized in using android malicious code and other sophisticated reconnaissance tools to steal messages, call history, documents of the press, military, corporation and many other targets at 21 newly discovered country in beirut.
- The launch of uTorrent Web downloads torrent files right from the browserbitorrentorrent inc. recently released utorrent web, a web-based client torrent version optimized for stream services.
- How to view computer usage historymany applications allow monitoring of computer activity, but most of them have to be installed and run in the background to monitor and record computer activities. however, in this article, tipsmake.com will guide you how to view activity history
- Steps to view logs and usage history of windows 10 computersto view the history of turning on and off the computer, you will need to rely on the log keys to check. the operation to open and view the log lock on a windows computer is as follows:
- How to use uTorrent Web to download torrents in the browserutorrent web is a browser torrent download tool like chrome, firefox, microsoft edge, opera ...
- The Linux machine can be remotely hacked with a poisoned DNS responsean important vulnerability was discovered on systemd, the init system and managed on a linux machine, allowing the hacker to cause a buffer overflow to execute malicious code on the target machine via dns feedback.
- EternalRocks - more dangerous malicious code than WannaCry exploits up to seven NSA vulnerabilitieswhile ransomware wannacry has stirred up the internet world over the past few weeks to exploit only two vulnerabilities, the new malware uses seven vulnerabilities.
- Hackers fake Windows 11 download page to spread malicious codehackers are luring naive users into downloading fake windows 11 containing malicious code that steals browser data and cryptocurrency wallets.