remaining dormant until my November 7th auto-update to Firefox 25.īTW, when I first noticed this bug, I ran Spybot, Superantispyware, and Avast scans for malware - coming up empty. So, they must have been added to my Firefox plug-ins (without my knowledge) when I installed uTorrent. Note that these two plug-ins are not available on the Mozilla site. But in my Firefox extensions menu, it showed plug-ins for both uTorrent and Conduit Search (which web research told me had partnered with uTorrent). Basically, it was a Yahoo search page telling me the page didn't exist. But starting on the 7th, it took me to a "Page not found Yahoo Error Handler" page. Before the 7th, if I clicked on a link to a page that no longer existed, a Firefox window opened telling me so. For example, I was using uTorrent without issue until my Firefox auto-updated itself to Firefox 25 on November 7th. It seems like most modern torrent software developers have aligned themselves with toolbar purveyors and other invasive "companion" software. If you cannot find it, you might be safe from this bug.Īfter applying the setting, you should restart the client.Just curious if such a thing exists nowadays. Some older uTorrent versions might not have this option. to prevent this, I strongly recommend that all uTorrent users disable the 'net.discoverable' setting. Among other things, this bug allows for crashing of uTorrent, and stealing of torrents. (This applies to both uTorrent web and the WebUI inside 'normal' versions of uTorrent)Įven if you have the WebUI disabled, there is another security bug that can be exploited.
Because of this, I strongly recommend that all users currently using the uTorrent webUI, disable it for the time being. The full bug report can be found here: More information can be found here: īasically, this security hole allows an attacker to remotely get access to your uTorrent via the WebUI, and use that for malicious activities, like downloading viruses to your computer.
Quote Recently, two security bugs were found in uTorrent in how it sets up its web interface (affecting both uTorrent Web and uTorrent Classic).
0 kommentar(er)
