HTTP query request vulnerability in iTunes Apple Software Updater


A German company called Gamme International has reported that remote monitoring software designed to exploit a vulnerability in Apple iTunes can indeed infect a PC system. FinFisher spyware software uses a vulnerability in the iTunes update system to install itself on the target PC system. The exploit relies on the fact that Apple Software Updater isn't active, as iTunes uses an encrypted HTTP request to query for the URL for the latest version of the iTunes software from the Apple server. The HTTP query isn't encrypted so the URL can indeed be modified and take the target PC to a modified web page to install the remote monitoring software.

November 27, 2011
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023