Last Thursday, Acros, a Slovenian security firm, published an advisory that identified what they call a “binary planting” flaw in iTunes. Essentially, if you open a file type associated with iTunes from a remote network share, iTunes will also try to load one more DLLs from the share. Even if the file that the user opened is completely safe, a malicious DLL can be supplied that will lead to code execution. Although the iTunes exploit has been patched, this vulnerability actually affects a variety of other applications on Windows. There is now a metasploit module to exploit it and and audit kit to identify vulnerable applications.
Comments
Be the first to post your comment.