A critical vulnerability has been detected in two versions of uTorrent, which is one of the Internet’s most widely used BitTorrent apps. Gaps in the system were discovered by Google Project Zero. According to experts, the vulnerability allows hackers to gain access to downloaded files and download history.
The biggest threat is by malicious sites that could exploit the flaw to download malicious code into the Windows startup folder, where it will automatically run the next time the computer boots up. Any site a user visits can also access downloaded files and browse download histories.
Experts at Project Zero emphasize that the most serious threat is malicious pages that give their owners the ability to download viruses to the Windows startup folder.
The developers of uTorrent stated that the dangerous vulnerability has been fixed in the beta version of the PC program, but the public update will only appear in the next few days.