Security vulnerabilities have become headline news, and not just in the IT world. A crucial vulnerability in popular downloading software uTorrent is one of the latest cybersecurity stories.
Tavis Ormandy, a Google Project Zero researcher, found remote code execution vulnerabilities in the Windows desktop version of uTorrent, as well as the web version of uTorrent, back in December 2017. He disclosed the vulnerability to BitTorrent Inc. shortly after.
uTorrent vulnerability: Possible exploits
uTorrent uses ports 10000 and 19575 to host the HTTP RPC Server. These ports help users access these apps over any browser, but these RPC servers can allow attackers to remotely take control of the torrent application with minimal user input.
This latest vulnerability in uTorrent can be exploited using a hacking method called DNS rebinding. With a DNS rebinding attack, attackers inject malicious code on a user’s computer when that user interacts with an anonymous website. For example, an attacker can create a malicious website and give it the same DNS name as the local IP address of the computer running uTorrent. Ormandy explained this process in detail in his proof of concept.
Since this vulnerability was disclosed, uTorrent has released the following patches to address this security issue:
- uTorrent stable 18.104.22.168358
- uTorrent beta 22.214.171.124352
- uTorrent Web 0.12.0.502
Fine-tune your enterprise’s approved software list to minimize attack vectors
Vulnerabilities to third-party applications like uTorrent are a good reminder to reevaluate your enterprise’s list of approved software. By blacklisting software that isn’t necessary for your business, you can minimize your organization’s exposure to critical security vulnerabilities.
Clearly define which applications can be installed inside your network by blacklisting and whitelisting software. Desktop Central, our desktop management solution, comes with software prohibition features which allow you to block particular applications. Once you’ve defined your list of prohibited software, Desktop Central can alert you when those programs are detected inside your network and automatically uninstall them. Mobile Device Manager Plus on the other hand assists in mobile application management (MAM), enabling you to blacklist and whitelist apps on users’ devices.
Download Desktop Central to secure your servers, laptops, and desktops.
Download Mobile Device Manager Plus to blacklist unwanted apps in mobile devices.