Zero-Day vulnerability in iTunes and iCloud Apps on Windows PCs allowed ransomware to be installed
A vulnerability in the Bonjour component in both iTunes and iCloud for Windows was exploited to install malicious applications. Apple has released a patch update for iTunes 12.10.1 and iCloud 7.14, so PC users should check that they have both updates installed.
The worst part of this issue is that no anti-virus will catch it since the actions being done, were being done by a signed Apple application, and therefore flagged as ok. In addition, uninstalling via the iTunes uninstaller doesn’t automatically remove Bonjour, leaving your PC vulnerable even if you have uninstalled the application.
The primary vehicle for the ransomware exploit is called BitPaymer.
This is a good reminder that updating third-party applications is a critical component of a broad based security posture.