A critical Windows DLL vulnerability that makes several widely used programs targets for remote hijacks surfaced in the news this week. Among the affected applications are Firefox, Adobe Photoshop and uTorrent. Since the news broke dozens of exploits have already surfaced. Luckily uTorrent was one of the first to fix the vulnerability and now all users are encouraged to update their client.
Due to a DLL load hijacking vulnerability in the Windows operating system, dozens of applications have become a target for remote hijack exploits. Since Microsoft refuses to patch Windows, the developers of the affected applications have to take measures on their own.
After the news about the vulnerability became public earlier this week, several pieces of exploit code surfaced, attacks that allow outsiders to take control over the PCs of users who run the affected applications.
Included in the list of vulnerable programs are familiar names such as Firefox, Adobe Photoshop, VLC and also the popular BitTorrent client uTorrent. Upon hearing the news the uTorrent developer team didn’t sit still and yesterday an essential update was released that should fix the DLL vulnerability.
“There is a DLL vulnerability in all versions of Windows affecting a great deal of software applications. Subsequently, attack code targeting the uTorrent client surfaced on a third-party website, and while so far no attacks have been reported to us, we have released uTorrent 2.0.4 to fix this vulnerability,” uTorrent Community Manager ‘Firon‘ explained.
“The new client disables loading of DLLs from the current working directory and prevents this exploit from functioning,” Firon said, adding an ensuring message for uTorrent users. “We take our user’s security very seriously, and we sincerely apologize for any inconvenience.”
It is needless to say that all uTorrent users are encouraged to update their clients to the most recent version. With a userbase of more than 50 million monthly users uTorrent is a major target for exploits, so it’s good to see that BitTorrent Inc. takes these security threats seriously.