HTTP query request vulnerability in iTunes Apple Software Updater

November 27, 2011
(18 views)

A German company called Gamme International has reported that remote monitoring software designed to exploit a vulnerability in Apple iTunes can indeed infect a PC system. FinFisher spyware software uses a vulnerability in the iTunes update system to install itself on the target PC system. The exploit relies on the fact that Apple Software Updater isn't active, as iTunes uses an encrypted HTTP request to query for the URL for the latest version of the iTunes software from the Apple server. The HTTP query isn't encrypted so the URL can indeed be modified and take the target PC to a modified web page to install the remote monitoring software.

Recommended From Hakin9

Security firm RSA Security breached


Security firm RSA Security breached

RSA Security is one of the biggest players in the enterprise security landscape, featuring advanced

Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.

What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.