, ,

This local privilege escalation vulnerability in iTunes could spell big trouble for Windows users

Cyfirma Research recently discovered a serious security vulnerability affecting users of iTunes on Windows systems.

This local privilege escalation vulnerability, classified as CVE-2024-44193, allows attackers with limited access to elevate their privileges, potentially compromising entire systems.

The vulnerability, present in iTunes for Windows version 12.13.2.3 and earlier, poses a critical threat to the security of systems, making timely updates and patching essential.

Urgent iTunes update addresses this escalation risk

The core issue behind CVE-2024-44193 lies in improper permission management, specifically related to the AppleMobileDeviceService.exe.

Attackers can exploit the CVE-2024-44193 vulnerability by manipulating the files within the C:\ProgramData\Apple\Lockdown directory. With inadequate permission settings, even low-privileged users can write arbitrary files to this directory, enabling attackers to create opportunities for privilege escalation.

This vulnerability is not difficult to trigger, and thus makes its exploitation particularly concerning, as attackers can use various tools, such as NTFS junctions and opportunistic locks, to craft sophisticated exploit chains resulting in the execution of arbitrary code with elevated privileges.

The exploitation of CVE-2024-44193 follows a structured sequence of steps, allowing attackers to manipulate the AppleMobileDeviceService.exe and gain elevated privileges. First, attackers create arbitrary files within the Lockdown directory, leveraging tools like Oplock to halt processes at key moments. They can then exploit NTFS junctions, which redirect file deletions to critical system areas.

These actions culminate in the deletion of essential system files, giving the attacker administrative access. The ease of exploitation, combined with the widespread use of iTunes, particularly in enterprise environments, increases the vulnerability’s risk profile. Organizations are urged to update iTunes to version 12.13.3 or later to mitigate the risk.

The impact of this vulnerability is severe, as it grants attackers administrative-level access to the targeted system. With SYSTEM-level privileges, attackers can manipulate system files, install malware, access sensitive data, and even disrupt services. This makes CVE-2024-44193 a critical risk for organizations, particularly those with large numbers of unmanaged or outdated systems running vulnerable versions of iTunes.

At the moment, there is no confirmed evidence of this vulnerability being actively exploited in the wild and there is also no active discussion of this vulnerability in underground forums. However, its potential for widespread use remains high due to the low complexity of the attack.

CVE-2024-44193 affects iTunes for Windows globally, impacting a variety of industries that rely on Windows-based systems. Media and entertainment, education, government, and corporate environments are particularly vulnerable due to the widespread use of iTunes. Additionally, organizations handling sensitive data or operating in high-risk environments may face increased exposure to attacks.

More from TechRadar Pro

https://www.techradar.com/pro/This-local-privilege-escalation-vulnerability-in-iTunes-could-result-in-unauthorized-sensitive-data-access-on-Windows-systems


December 2024
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
3031  

About Us

Welcome to encircle News! We are a cutting-edge technology news company that is dedicated to bringing you the latest and greatest in everything tech. From automobiles to drones, software to hardware, we’ve got you covered.

At encircle News, we believe that technology is more than just a tool, it’s a way of life. And we’re here to help you stay on top of all the latest trends and developments in this ever-evolving field. We know that technology is constantly changing, and that can be overwhelming, but we’re here to make it easy for you to keep up.

We’re a team of tech enthusiasts who are passionate about everything tech and love to share our knowledge with others. We believe that technology should be accessible to everyone, and we’re here to make sure it is. Our mission is to provide you with fun, engaging, and informative content that helps you to understand and embrace the latest technologies.

From the newest cars on the road to the latest drones taking to the skies, we’ve got you covered. We also dive deep into the world of software and hardware, bringing you the latest updates on everything from operating systems to processors.

So whether you’re a tech enthusiast, a business professional, or just someone who wants to stay up-to-date on the latest advancements in technology, encircle News is the place for you. Join us on this exciting journey and be a part of shaping the future.

Podcasts

TWiT 1011: The Year in Review – A Look at the Top Stories of 2024 This Week in Tech (Audio)

What's behind the tech industry's mass layoffs in 2024? : NPR Rabbit R1 AI Assistant: Price, Specs, Release Date | WIRED Stealing everything you've ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster. Microsoft delays Recall after security concerns, and asks Windows Insiders for help The Qualcomm Snapdragon X Architecture Deep Dive: Getting To Know Oryon and Adreno X1 Elon Musk: First Human Receives Neuralink Brain Chip Apple hit with €1.8bn fine for breaking EU law over music streaming Bluesky emerges The hidden high cost of return-to-office mandates Apple's Car Was Doomed by Its Lofty Ambitions to Outdo Tesla SpaceX pulls off unprecedented feat, grabs descending rocket with mechanical arms U.S. versus Apple: A first reaction Google Says It Won't Force Gemini on Partners in Antitrust Remedy Proposal U.S. Accuses Chinese Hackers of Targeting Critical Infrastructure in America U.S. Agency Warns Employees About Phone Use Amid Ongoing China Hack AT&T says criminals stole phone records of 'nearly all' customers in new data breach National Public Data confirms breach exposing Social Security numbers Schools Want to Ban Phones. Parents Say No. New York passes legislation that would ban 'addictive' social media algorithms for kids GPT-4o (omni) + new "Her"-style AI assistant (it's nuts) Google emissions jump nearly 50% over five years as AI use surges Trump proposes strategic national crypto stockpile at Bitcoin Conference Ten additional US states join DOJ antitrust lawsuit looking to break up Live Nation and TicketmasterThe Internet Archive just lost its appeal over ebook lending Hezbollah Pagers Explode in Apparent Attack Across Lebanon OpenAI raises $6.6 billion in largest VC round ever Painting by A.I.-Powered Robot Sells for $1.1 Million Netflix's Live Mike Tyson Vs. Jake Paul Fight Battling Sound & Streaming Glitches In Lead-Up To Main Event Infowars Sale to The Onion Rejected by Federal Bankruptcy Judge Supreme Court agrees to hear challenge to TikTok ban So You Want to Solve the NJ Drone Mystery? Our Expert Has Some Ideas Beeper's push for iMessage on Android is really over The Quiet Death of Ello's Big Dreams Japan finally ends mandatory form submission on floppy disks We'll Miss You: Pioneering instant messaging program ICQ is finally shutting down after nearly 30 years Spotify is going to break every Car Thing gadget it ever sold Game Informer to Shut Down After 33 Years In Memoriam Host: Leo Laporte Guests: Fr. Robert Ballecer, SJ, Richard Campbell, and Mikah Sargent Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: bitwarden.com/twit
  1. TWiT 1011: The Year in Review – A Look at the Top Stories of 2024
  2. TWiT 1010: The Densest State in the US – TikTok Ban, Drones Over Jersey, GM Quits Robotaxis
  3. TWiT 1009: Andy Giveth & Bill Taketh Away – Trump's Tech Titans, Crypto Boom, TikTok's US Ban, Intel CEO Exits
  4. TWiT 1008: Internet Legal – Australia's Social Media Ban for Kids, Smart Home Nightmare, Bluesky's Ascent
  5. TWiT 1007: All the Hotdogs in the World – China's "Salt Typhoon" Hack, Google on the Chopping Block, Recall AI