Security News > 2019 > October > Update now! Windows users targeted by iTunes Software Updater zero-day

Update now! Windows users targeted by iTunes Software Updater zero-day

2019-10-15 12:06

The flaw is a rare ‘unquoted path class’ described as "so thoroughly documented that you would expect programmers to be well aware..." But that's not the case.

News URL

https://nakedsecurity.sophos.com/2019/10/15/update-now-windows-users-targeted-by-itunes-software-updater-zero-day/

#itunes #windows #zeroday

Related news

Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017 (source)
New Windows zero-day exploited by 11 state hacking groups since 2017 (source)
APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) (source)
EncryptHub linked to MMC zero-day attacks on Windows systems (source)
New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.