uTorrent 1.7.7 Stable Fixes Security Issues
Written by Ernesto on January 27, 2008The uTorrent development team just released 1.7.7 stable. The new version is the latest 1.7 release, and fixes the vulnerability that allowed attackers to remotely crash the BitTorrent client.
Two weeks ago we reported that several versions of the popular BitTorrent client uTorrent were vulnerable to a remote DoS attack.
The vulnerability was discovered by Luigi Auriemma, a Milan-based security expert. He claimed that various BitTorrent clients were subject to this security flaw, based on the way they handle user-supplied data. The vulnerability was not critical, but it did allow attackers to remotely crash the application.
In a response, the uTorrent team stated that several of the older uTorrent releases were also affected. Luckily, they quickly released a new build - uTorrent 1.7.6 (build 7859), in which they fixed the issue, and the latest stable release is now safe as well.
The latest stable release of uTorrent adresses both the remote crash bug in WebUI and the (potential) remote crash bug with extension protocol. In the release notes we read: “1.7.7 is released to fix some potential security exploits. Barring any other security issues before the release of 1.8, this will be the last 1.7.x release.”
uTorrent is by far the most used BitTorrent client, and is installed on 5% of all Windows PCs worldwide, according to recent reports. The BitTorrent mainline client - also developed by BitTorrent Inc. - comes in second place, before Azureus and BitComet.
The latest stable release can be downloaded over here, upgrading is of course recommended.
Previously: The Pirate Bay Now Tracks 1 Million Torrents, 10 Million Peers
Next: Most Popular DVDrips on BitTorrent (wk4)


42 Responses (Add yours or TrackBack)
Pages: [1] 2 » Show All
utorrent 1.7.6 is fucked up. Can’t get my torrents to work and a roll back doesn’t do anything either. Been working on this for the last couple of days and now in the process of installing my windows again
hes blown
To all you 1.7.X’s out there, try the new 1.8 Alpha instead.
I’s much more solid =)
µTorrent 1.8 Build 8188 Alpha
http://forum.utorrent.com/viewtopic.php?id=31998
It’s no suprise the alpha is more stable than the “stable”.
uT has a bad habbit of calling everything they release in the 1.7.x branch a stable, despite having to regularly release 2 or 3 versions in the same week.
I wonder if the Private trackers already support them. I won’t upgrade until my trackers say it’s A.OK
I converted to Azureus about a week ago from uTozz don’t really see any reason for changing back now!
[quote comment="273464"]I converted to Azureus about a week ago from uTozz don’t really see any reason for changing back now![/quote]
The fact that uTorrent is better isn’t a good enough reason?
[quote comment="273473"][quote comment="273464"]I converted to Azureus about a week ago from uTozz don’t really see any reason for changing back now![/quote]
The fact that uTorrent is better isn’t a good enough reason?[/quote]
Whatever…
is you on crack or somethin’?
Still using uTorrent 1610 and never had problems…Should I be worried?
No, you don’t have to worry. 1.6.1 does not have this issue, however all other versions between there and 1.7.6 have the security issue. I have upgraded to 1.7.7 and it works fine, hopefully this is the last time that I have to think about this for a while.
I have and i use version 1.6.1.490 for long time. Works perfect, is stable, never had problems. It was time the real guy was programmer for utorrent. Now utorrent got fucked up by other boys have no skills about good programming!
[quote comment="273510"]I have and i use version 1.6.1.490 for long time. Works perfect, is stable, never had problems. It was time the real guy was programmer for utorrent. Now utorrent got fucked up by other boys have no skills about good programming![/quote]
WA GWAN?
DIS BWOY BE RA-III-GHT!
BOOYAKASHAH!
(Is it cos I is black?)
From a privet site that is on the ball, pretty strict regarding what clients they will allow.
There is an EXPLOIT in All versions of uTorrent below version 1.7.7 (including uTorrent 1.6 but not 1.6.1) that can allow an attacker to crash your client and possible code execution on your machine. In 1.7.6 it affected the webUI part.
Until further notice 1.6 and 1.6.1 are still allowed but version 1.7.5 and 1.7.6 is now banned. We do recommend you upgrade to uTorrent 1.7.7 if running uTorrent 1.7.5 or 1.7.6.
Well too bad Bitorrent isn’t open source anymore you dumbasses, :)) hahahahahaha die sharers die!
Use the 1.8 alpha. I’ve gone from around 1.8mb/s on 1.7.4 to 2.3mb/s on a 20mbit line with it!
[quote comment="273538"]Well too bad Bitorrent isn’t open source anymore you dumbasses, :)) hahahahahaha die sharers die![/quote]
Kindly fuck off.
for seeding large amount of data or torrents, rtorrent looks best.
Its not windows compatible UI program but it can easy run it on your home router with attached storage or NAS. With GUI running on windows.
azureus <3
i never had any problems with any version of utorrent.
I upgraded as soon as soon it came out. In fact, i’m the lulz who sent this in. =P
Just have a question. If i use the 1.8 alpha on private trackers, and it’s banned, will my ass be banned too? I don’t want to take the risk.
[quote comment="273744"]Just have a question. If i use the 1.8 alpha on private trackers, and it’s banned, will my ass be banned too? I don’t want to take the risk.[/quote]
No, you just won’t be able to connect. Most private trackers allow the beta, though.
Ernesto likes it in the ass
[quote comment="273538"]Well too bad Bitorrent isn’t open source anymore you dumbasses, :)) hahahahahaha die sharers die![/quote]
It still is. It’s just no longer used by Bittorrent.com as a mainline client. If you want a badass Open Source client, get Deluge.
Pages: [1] 2 » Show All
Add your response