A Google team detected a security flaw in the popular download platforms. Find out .
Two versions of uTorrent, one of the applications commonly used for downloading movies and Internet series, are exposed to vulnerabilities that would allow attackers to inject a computer virus and take control of the computer, an investigator has found.
The problem was discovered by Tavis Ormandy, a member of Google Project Zero, a team of security analysts who specialize in finding flaws unknown by programmers. These errors are also known as "zero day" (in English "zero day"), Tech Radar specialized site reported.
According to Ormandy, vulnerabilities are easy to exploit and allow attackers to control key functions, such as accessing downloaded files and exploring download histories on the victim's computer.
Developers are in the process of implementing solutions for both the uTorrent version for Windows and the newer uTorrent web product, which are the affected versions, they revealed.
Likewise, Project Zero researchers recognize that any website visited by a person controls the key functions in both versions.
The biggest threat is the malicious sites that could exploit the flaw to download malware in the Windows startup folder, where it will run automatically the next time the computer is started.
The creators of the BitTorrent download protocol issued a security patch in their latest beta (trial), and plan to launch a new stable version to all users later this week.
"The web version of uTorrent has already been fixed," according to Dave Rees, vice president of BitTorrent Engineering.
"We recommend all uTorrent Web customers to update to the latest version (0.12.0.502), available on our website and also through the update notification in the application," said the manager in an email sent to users .