An exploit in the P2P program BitTorrent, uTorrent and uTorrent Web could effectively allow hackers to remotely hijack a user’s PC via DNS rebinding. Allowing them to install remote code and execute malware.
Google researcher Tavis Ormandy revealed the vulnerability over Twitter, and provided a detailed list of the exploits in the Windows version of the program. Mercifully, however, Ormandy’s had already began fixing these bugs himself.
Here is a basket of uTorrent DNS rebinding vulnerabilities that are now fixed, from remote code execution to querying and copying downloaded files, and more. https://t.co/JEvhq1IHGJ
— Tavis Ormandy (@taviso) February 20, 2018
BitTorrent engineering vice president, Dave Rees, has since released a statement, saying that the flaws in the (conventional) client had been fixed in earlier beta version last week.
“On 4 December 2017, we were made aware of several vulnerabilities in the uTorrent and BitTorrent Windows desktop clients. We began work immediately to address the issue. Our fix is complete and is available in the most recent beta release (build 3.5.3.44352 released on 16 Feb 2018). This week, we will begin to deliver it to our installed base of users. All users will be updated with the fix automatically over the following days. The nature of the exploit is such that an attacker could craft a URL that would cause actions to trigger in the client without the user’s consent (e.g. adding a torrent).”
He also added that a patch for the uTorrent Web exploit is now in place, and should more or less resolve the issue.
“The team behind uTorrent Web released a patch for that issue yesterday and we highly encourage all uTorrent Web customers to update to the latest available build 0.12.0.502 available on our website https://web.utorrent.com and also via the in-application update notification.”
If you want to check out Ormandy’s list of the exploits he discovered, you can visit his Chromium page, along with how he patched them.
(Source: Engadget, Ars Technica, TorrentFreak, Twitter (1) (2), Chromium)
