Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BitTorrent patches flaw that could amplify distributed denial-of-service attacks

Lucian Constantin | Aug. 28, 2015
Attackers could use the vulnerability to force BitTorrent applications to send malicious traffic

The latest versions of uTorrent, BitTorrent mainline and BitTorrent Sync, which are developed by the company, have included the fix since Aug. 4.

The change does not affect backwards compatibility with older versions of those applications nor with third-party BitTorrent clients that use libuTP, a BitTorrent engineer said via email. "Nonetheless, we encourage other developers to ensure their implementations properly enforce acknowledgment number sequencing."

Other protocols designed by the company that rely on libuTP, like the Message Stream Encryption (MSE), are also protected.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.