Apple flaw left iTunes users vulnerable on Microsoft

Apple iTunes had a vulnerability when used on Microsoft Windows that could have allowed threat actors to hijack an affected device’s operating system. The former tech giant recently patched it — but only after leaving users vulnerable for at least six months.

Apple issued the patch on May 23rd, almost six months to the day after it confirmed the flaw’s existence on November 24th. It was originally notified of the glitch two months prior to that by cybersecurity analyst the Synopsis Research Center.

Tagged by Synopsis as CVE-2023-32353, the vulnerability is described as “a local privilege escalation vulnerability” that “creates a privileged folder with weak access control.”

“It is possible for a regular user to redirect this folder creation to the Windows system directory,” said Synopsis. “This can then be leveraged to obtain a higher-privileged system shell.”

The iTunes flaw entails creating a folder in the C: Drive that potentially gives full control over the music app’s directory to anyone accessing it from that device.

“After the installation, the first user to run the iTunes application can delete the SC Info folder [used to authorize the app on a given device], create a link to the Windows system folder, and recreate the folder,” said Synopsis.

According to Synopsis, which gave the flaw a 7.8 risk rating out of ten, following this process could permit a threat actor to “gain Windows system-level access.”

Any Apple device older than the 12.12.9 version being used on Microsoft Windows before the date of the patch might have been affected, Mitiga added.


Original Posts: Apple flaw left iTunes users vulnerable on Microsoft

Share Blog
Share this
[wp_social_sharing social_options='facebook,twitter,linkedin' twitter_username='arjun077' facebook_text='Share on Facebook' twitter_text='Share on Twitter' linkedin_text='Share on Linkedin' pinterest_text='Share on Pinterest' xing_text='Share on Xing' reddit_text='Share on Reddit' icon_order='f,t,l,p,x,r,i' show_icons='0' before_button_text='' text_position='' social_image='']