Friday, February 3, 2023
  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
No Result
View All Result
Home Computing

uTorrent Exploit Can Leave PCs Vulnerable To Hacking Exploits

by John Law
February 23, 2018
114
SHARES
Share on FacebookShare on Twitter

An exploit in the P2P program BitTorrent, uTorrent and uTorrent Web could effectively allow hackers to remotely hijack a user’s PC via DNS rebinding. Allowing them to install remote code and execute malware.

Google researcher Tavis Ormandy revealed the vulnerability over Twitter, and provided a detailed list of the exploits in the Windows version of the program. Mercifully, however, Ormandy’s had already began fixing these bugs himself.

Here is a basket of uTorrent DNS rebinding vulnerabilities that are now fixed, from remote code execution to querying and copying downloaded files, and more. https://t.co/JEvhq1IHGJ

— Tavis Ormandy (@taviso) February 20, 2018

BitTorrent engineering vice president, Dave Rees, has since released a statement, saying that the flaws in the (conventional) client had been fixed in earlier beta version last week.

“On 4 December 2017, we were made aware of several vulnerabilities in the uTorrent and BitTorrent Windows desktop clients. We began work immediately to address the issue. Our fix is complete and is available in the most recent beta release (build 3.5.3.44352 released on 16 Feb 2018). This week, we will begin to deliver it to our installed base of users. All users will be updated with the fix automatically over the following days. The nature of the exploit is such that an attacker could craft a URL that would cause actions to trigger in the client without the user’s consent (e.g. adding a torrent).”

ADVERTISEMENT

He also added that a patch for the uTorrent Web exploit is now in place, and should more or less resolve the issue.

“The team behind uTorrent Web released a patch for that issue yesterday and we highly encourage all uTorrent Web customers to update to the latest available build 0.12.0.502 available on our website https://web.utorrent.com and also via the in-application update notification.”

 

If you want to check out Ormandy’s list of the exploits he discovered, you can visit his Chromium page, along with how he patched them.

(Source: Engadget, Ars Technica, TorrentFreak, Twitter (1) (2), Chromium)

What’s your Reaction?
+1
0
+1
0
+1
0
+1
0
+1
0
+1
0
+1
0

Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news. 

Filed Under bittorrentuTorrent
Back to top
Share46Tweet29SendShare

RELATED ARTICLES

(Image source: Disney+.)
Random

Home Alone Is This Year’s Most Pirated Christmas Movie

by John Law
December 27, 2022
Internet

Next Version Of uTorrent Will Work From Your Browser

by Farhan
April 25, 2017
Entertainment

BitTorrent Announces BitTorrent Live Video P2P Video Streaming Service

by Farhan
May 18, 2016
Internet

uTorrent Considers Charging Users For Torrent Client

by Farhan
August 25, 2015

ADVERTISEMENT

LOWYAT.TV

No Result
View All Result

TRENDING TODAY

  1. 1
    Wearables

    Samsung Galaxy Watch Blood Pressure And ECG Feature Now Available In Malaysia

  2. 2
    Mobile Phones

    Samsung Galaxy S23 Ultra Goes Official: Price In Malaysia Starts At RM5,699

  3. 3
    Transportation

    Believe It: We Just Paid For A MRT Ride In Kuala Lumpur Using An Apple Watch

  4. 4
    Banking

    Maybank Launches Own Kill Switch For Maybank2u

  5. 5
    ISP

    TM Is About To Open The First Unifi Store

Consumer Tech News & Reviews Malaysia

NETWORK

  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks

ABOUT

  • Advertise
  • Careers
  • Privacy Statement
  • Contact Us
  • Editorial Policy
  • Terms & Conditions

©2023 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables

©2023 LOWYAT, LLC. ALL RIGHTS RESERVED.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
We use cookies to improve your experience. Learn More.