New iCloud and iTunes Ransomware Vulnerability Found

Published

A vulnerability in iCloud and iTunes apps for Windows has allowed attackers to bypass antivirus protection and install ransonmware. Once infected, the hard drive becomes encrypted with a key that only the attacker knows, which gets leveraged as a sort of ransom.

New iCloud and iTunes Ransomware Vulnerability Found

Security firm Morphisec was the first to find the vulnerability. A bug within Apple apps allow attackers to piggyback a malicious app without triggering antivirus actions as it’s signed in and automatically approved.

The vulnerability has been patched with version 7.14 for iCloud and 12.10.1 for iTunes. Update your iTunes and iCloud to the latest version to ensure you’re protected against ransomware attempts. If you’ve used iTunes before, make sure you’ve also uninstalled the Bonjour component.

Mac computers are unaffected. Plus, iTunes has already been replaced by the new Music app. Morphisec reported the issue and disclosed important details to Apple, which led to updates that fixed the security holes.

Photo of author

Samantha Wiley

Samantha is a senior news editor at iLounge. She has been covering the technology industry for over five years, writing about Apple, Google, and other major companies. Samantha has also worked as a reporter and editor for several other publications.