Although Apple has made almost disappear to iTunes with macOS Catalina on company computers, we cannot forget that this program is still very active in those with Windows software. Apple is not forgetting and has just released a patch to eliminate the ransomware that was with Bonjour, iTunes, and iCloud for this platform.
It is a zero-day attack that allows the BitPaymer ransomware to be installed silently. This denies access to data, encrypting the victim's files. It has been used to primarily attack business networks and web servers.
A Ransomware that encrypts your files
Like other Trojans of the same type, the BitPaymer ransomware is designed to encrypt the files of its victims with a strong encryption algorithm. Once the victim cannot access his files, he is contacted to pay a sum of money in exchange for freeing the computer.
Windows users with iTunes installed, you know that a program called Bonjour, a program bundled with iTunes that Apple uses to distribute future updates. Developers had to include the path of the executable files by using quotation marks (""). But if the path is not quoted it becomes vulnerable and malicious files could be generated in a path thus avoiding security software.
Apple has neutralized the threat, creating a patch that solves the mess. Anyway, one of the best options you can do, not counting the iTunes and iCloud update, is to uninstall the Bonjour program and always reinstall it with the update mentioned above. There is no direct patch for Bonjour.
Do not play it and install the update, because it has been known that in some cases, the price of the ransom required to release the files has reached 70 BitCoins, about € 500.000.