Along with fixes for various security flaws in last week's release of updates, Apple has also fixed a zero-day vulnerability in its iCloud and iTunes applications. The vulnerability, which has not been assigned a CVE yet, has been described as an unquoted path vulnerability. The flaw is being actively exploited by the BitPaymer/IEncrypt campaign and can result in the execution of a malicious executable with System account privileges.
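To audit for the class of flaw named above, the following added example (not code from Apple or SanerNow) flags command lines whose executable path contains a space but is not wrapped in double quotes, and proposes the quoted form. The service names and paths are constructed sample data, and treating service-style command lines as the input is an assumption of this example.

```python
import re

# Extensions that mark the end of the program part of a command line.
_EXE_END = re.compile(r"\.(exe|com|bat|cmd)(?=\s|$)", re.IGNORECASE)


def audit_image_path(command_line):
    """Return (flagged, suggested_fix) for one command line.

    flagged is True when the executable path is unquoted and contains a
    space, so the boundary between program and arguments is ambiguous.
    """
    cmd = command_line.strip()
    if cmd.startswith('"'):
        return (False, cmd)          # already quoted
    match = _EXE_END.search(cmd)
    if not match:
        return (False, cmd)          # no executable found; review manually
    exe, args = cmd[:match.end()], cmd[match.end():]
    if " " not in exe:
        return (False, cmd)          # unquoted but unambiguous
    return (True, f'"{exe}"{args}')


def audit_services(services):
    """Return (name, original, suggested_fix) for every flagged entry."""
    findings = []
    for name, image_path in sorted(services.items()):
        flagged, fix = audit_image_path(image_path)
        if flagged:
            findings.append((name, image_path, fix))
    return findings


# Constructed sample data: hypothetical service names and command lines.
SAMPLE = {
    "ConstructedHelperSvc":
        r"C:\Program Files\Constructed Vendor\Update Helper\helper.exe /svc",
    "ConstructedAgentSvc":
        r'"C:\Program Files\Constructed Vendor\agent.exe" --run',
    "ConstructedHostSvc":
        r"C:\Windows\System32\svchost.exe -k netsvcs",
}

if __name__ == "__main__":
    for name, original, fix in audit_services(SAMPLE):
        print(f"{name}: unquoted path with spaces\n  found: {original}\n  quote: {fix}")
```
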
No CVE has been assigned to the vulnerability at the time of writing. Other CVEs fixed in the same set of updates are:
Apple iTunes versions before 12.10
Apple iCloud versions before 7.14
To address this vulnerability, Apple has released patches for both the iTunes and iCloud applications. For more information, please refer to our blog:
Use the SanerNow platform to apply this critical patch quickly across the organization, as shown below.
Vulnerability detection and patching of Apple iTunes and iCloud:
- Log in to the SanerNow platform.
- Switch to the account/site-specific view and go to 'VM tool'.
- If your application (iTunes or iCloud) is vulnerable, Saner lists the above CVEs in 'Top Vulnerabilities' or 'Recently Discovered Vulnerabilities' as shown in the below diagram:
- Search for this vulnerability in the VM tool. If you are affected, apply the patch through PM -> Missing Patches.
- Select 'Groups/Devices' in the 'Asset Source' section and click 'Apply'.
- Select the product 'Apple iCloud' or 'Apple iTunes' from the 'Asset' section as shown in the below image:
- Select 'Apply Selected Patches' at the rightmost corner. This will prompt for 'Creating Patch Task'. Fill in 'Task Name' and 'Remediation Schedule' as per your preference and click on 'Apply Selected Patches' as shown below.
- A remediation job will be created, which will fix the vulnerability by upgrading Apple iCloud or iTunes to the latest patch version.
- Once remediation is done, the Saner agent automatically scans again and uploads the result to SanerNow as shown below.