An unquoted path vulnerability within Apple Software Update for Windows allowed BitPaymer’s operators to launch their ransomware payload on the devices of any target that used iTunes or iCloud for Windows. Apple patched the zero-day vulnerability with the release of iTunes 12.10.1 for Windows and iCloud for Windows 7.14/10.7 on October 7. Ransomware operators used a previously dropped payload instead of the Apple Update binary; using it to launch the payload also enabled them to evade detection, fooling anti-malware solutions.
Source: https://www.bleepingcomputer.com/news/security/apple-software-update-zero-day-used-by-bitpaymer-ransomware/
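
An audit sketch for the unquoted-path condition described above, added here as an example and not taken from the article or from Apple: when a command line with spaces is not quoted, Windows tries each space-delimited prefix as an executable before the intended one, so the helper lists those locations and reports any that already hold a file. The service names, paths and the `candidate_paths`/`audit` helpers are constructed for illustration, and the ".exe" end-of-path rule is a simplification.

```python
import os
import re

# Simplification (assumption): the first ".exe" followed by whitespace or end
# of string marks the end of the intended executable path.
_EXE_END = re.compile(r"\.exe(?=\s|$)", re.IGNORECASE)


def candidate_paths(cmdline):
    """Paths Windows tries before the intended one for an unquoted command line."""
    s = cmdline.strip()
    if s.startswith('"'):
        return []  # quoted: the executable path is unambiguous
    m = _EXE_END.search(s)
    exe = s[:m.end()] if m else s
    out = []
    for i, ch in enumerate(exe):
        if ch != " " or exe[i - 1] == " ":
            continue  # not a split point, or a run of consecutive spaces
        prefix = exe[:i]
        leaf = prefix.rsplit("\\", 1)[-1]
        # Windows appends ".exe" when the candidate name has no extension.
        out.append(prefix if "." in leaf else prefix + ".exe")
    return out


def audit(entries, exists=os.path.exists):
    """Map each risky entry to its candidate paths and those already present."""
    findings = {}
    for name, cmdline in entries.items():
        cands = candidate_paths(cmdline)
        if cands:
            findings[name] = {
                "candidates": cands,
                "present": [p for p in cands if exists(p)],
            }
    return findings


# Constructed sample data (hypothetical service names and paths).
SAMPLE = {
    "ExampleUpdater": r"C:\Program Files\Example Vendor\update.exe /background",
    "QuotedUpdater": r'"C:\Program Files\Example Vendor\update.exe" /background',
    "NoSpaces": r"C:\Windows\System32\svchost.exe -k netsvcs",
}

if __name__ == "__main__":
    for name, finding in audit(SAMPLE).items():
        print(name, finding)
```

A non-empty `present` list means a file already sits at a location that would run in place of the intended binary; quoting the registered command line removes the ambiguity.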

