Apple iTunes had a vulnerability when used on Microsoft Windows that could have allowed threat actors to hijack an affected device’s operating system. The former tech giant recently patched it — but only after leaving users vulnerable for at least six months.
Apple issued the patch on May 23rd, almost six months to the day after it confirmed the flaw’s existence on November 24th. It was originally notified of the glitch two months prior to that by cybersecurity analyst the Synopsys Research Center.
Tagged by Synopsys as CVE-2023-32353, the vulnerability is described as “a local privilege escalation vulnerability” that “creates a privileged folder with weak access control.”
“It is possible for a regular user to redirect this folder creation to the Windows system directory,” said Synopsys. “This can then be leveraged to obtain a higher-privileged system shell.”
The iTunes flaw entails creating a folder in the C: Drive that potentially gives full control over the music app’s directory to anyone accessing it from that device.
“After the installation, the first user to run the iTunes application can delete the SC Info folder [used to authorize the app on a given device], create a link to the Windows system folder, and recreate the folder,” said Synopsys.
According to Synopsys, which gave the flaw a 7.8 risk rating out of ten, following this process could permit a threat actor to “gain Windows system-level access.”
Any Apple device older than the 12.12.9 version being used on Microsoft Windows before the date of the patch might have been affected, Synopsys added.
More from Cybernews:
Subscribe to our newsletter